We understand that security is your priority. It's ours, too.
That's why we use advanced security technology to help protect your users and company data.
Yellowdig provides a comprehensive set of security and data integrity features to keep your community data safe and in compliance with company policies.
All connections to Yellowdig are secured through SSL/TLS. All HTTP requests are redirected to use HTTPS automatically. Hence, all communication with Yellowdig is encrypted, using the best encryption mechanisms for similar applications on the web in practice today.
The Yellowdig application is developed using the currently accepted best practices for any application dealing with sensitive information and deployed on the Internet for access by end-users and partners, including encryption and highly restricted access to the development, deployment, and data storage environments.
While "master keys" are stored outside of the application and used at runtime, they are themselves encrypted, requiring only authorized personnel to be able to access and manage the application.
We enforce certain basic minimum requirements for the quality of the passwords that users may choose, their validity periods and variations. Additionally, partners will be able to choose additional policies to have password choices conform to their own policies.
Yellowdig is hosted on AWS. Critical AWS facilities have extensive setback and military grade perimeter control berms as well as other natural boundary protection. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff. They utilize video surveillance, state of the art intrusion detection systems, and other electronic means.
User data's are automatically backed up at regular intervals to the Amazon Elastic Block Store (EBS) service and EBS has inbuilt redundancy, saving multiple copies at different locations.
Yellowdig applications are hosted on comprehensively firewalled servers. These firewalls default to disabling any unsupported access mechanism, and carefully configured to only allow access for known services. We build on top of the well-defined and implemented security policies of the AWS services we depend on.
Yellowdig runs on hardened Linux servers. Externally exposed critical patches are addressed within 24 hours.