Is my data safe and secure?
All repositories and servers are hosted at ServerCentral's data center (located outside of Chicago). It is the most sophisticated facility in the Midwest. We provide multiple levels of backups and redundancy to ensure uptime and peace of mind. This includes:
- Fully redundant machines for Subversion, Git and Web environments
- High-speed, redundant storage
- Secure off-site backups and snapshots every minute
- SSL encryption on the web and repository servers
- Separately hosted Help system and Public site
- Rigid employee policies (we will never access your data unless we have your permission)
Physical security
We host our servers in one of the most impressive data centers in the country. A DuPont Fabros facility, it is Type 2 SSAE 16 SOC 1 accredited and includes keycard protocols, biometric scanning protocols and round-the-clock surveillance. Our environment is colocated, meaning we have full control of the physical environment and only our policies affect the access and use of the hardware, network and software.
To learn more about the data center, read all about it on ServerCentral's website.
Data communication, security and retention
All access to the Beanstalk interface is secured over SSL (HTTPS), ensuring the information is encrypted in transit. Additionally, we provide both SSH and HTTPS connections to the repositories, ensuring the code and data transferred are encrypted. Account passwords are salted and hashed in the Beanstalk database, preventing even our own staff from viewing them.
All customer data resides behind a secure, redundant infrastructure, hosted at ServerCentral. The servers are fully owned and managed by Wildbit. Please see above for full details on the physical security.
We do not encrypt repository data on our file servers since it must be decrypted in the interface. We do have strict internal policies on who can access this data and when. See employee policies below.
Employee policies
Only a select few have access to the servers where data is stored. We go to great lengths to ensure the right balance between support and a secure infrastructure. Employees can only access accounts if they have explicit permission from an account owner or the account is in review for compliance with the Beanstalk Terms of Use.
Redundancy and backups
Beanstalk contains redundancy in as many areas as possible to avoid and recover from failure. This includes a load-balanced and clustered environment with automatic recovery on physical hardware failures. Our data center includes redundancy across all aspects of potential failure including network transit, routing, and power.
Customer data is stored across redundant disk arrays with high availability failover protection. Backups are performed every minute (yes, every 60 seconds) and transferred offsite in accordance with our disaster recovery plan.
Reporting a security issue
If you have discovered a security issue, please report it through our responsible disclosure process.