Overview of the Invoicebus security and reliability
We take security as one of the biggest considerations in everything we do. We believe it is vital that everyone
involved clearly understands the processes and techniques we use to protect your data.
Physical Infrastructure
Invoicebus' hosting infrastructure is provided by Rackspace, a premiere hosting provider and the world’s hosting leader. It is located in the Rackspace Chicago IL data center which is one of 9 state-of-the-art facilities that Rackspace runs across the globe.
The whole area is protected with keycard protocols, biometric scanning protocols, and round-the-clock monitoring. Only authorized personnel have access to the data center.
This is probably one of the safest and most secure places on the planet, built to withstand all kinds of catastrophes (not yet sure about asteriod impact).
|
Redundancy & Back-ups
The Invoicebus database system is carefully designed to be highly available and fault tolerant.
All data stored in our database is instantly written to 3 storage disks, all on separate nodes that reside on redundant power supplies and generators.
Once a day we make additional snapshot of the entire database and replicate it to 9 other data centers on 4 different continents.
|
Data Encryption
The communication between your computer and our servers happens through an encrypted SSL channel, which ensures that any data (usernames, passwords, and content) cannot be intercepted and read by a third-party.
All sensitive data in our database is kept in a super secure form, encrypted with AES-256 – first open symmetric-key cipher approved by the NSA and used by the U.S. Federal Government for storing secret information.
|
Billing Info Protection
All credit card transactions are encrypted and processed using secure payment processor (PayPal, Stripe, or 2Checkout), which is certified to PCI Service Provider Level 1 - the most stringent level of certification available.
That means all card information is transmitted, stored, and processed with the same level of securely as that used by leading banks.
|
Network Firewall
The entire software system runs behind network-based firewall that performs stateful IPv4/v6 packet inspections. It intercepts and inspects all network activity in real-time, so every incoming packet is carefully analyzed before reaching our server.
All deployment servers are monitored 24x7 and are regularly updated with the latest software and security patches.
|
Uptime Record of 99.99%
Even though we strive towards 100% uptime, sometimes we must take Invoicebus to the garage for maintenance, or an unexpected problem might occur that would take Invoicebus offline. We really work hard to limit these interruptions. For now, we have an uptime record of 99.99%.
|
GDPR Compliant
We take General Data Protection Regulation (GDPR) very seriosuly and comply with it to make sure you have complete control over your data.
That means, we constantly review our data inventory and data flows, we revisit and amend agreements and contracts with our third party service providers, we regularly perform impact assesments and risk analysis, we improve our data handling processes and procedures, and finally, we revise our customer data protection agreements to meet the requirenments of the GDPR.
You can learn more about data privacy here.
|
Disclosure
While no method of transmission over the Internet is 100% secure, we work hard to keep up with the best-in-class security technologies and rapidly investigate any reported issues.
If you have any questions, encounter a problem, or discover any vulnerability in Invoicebus, please give us a shout.
We guarantee a human response within 12 hours, and usually faster. We request you to not publicly disclose the issue until it has been addressed by our engineers.
|
Hall of Fame
We are immensely thankful to the following people who have gone out of their way to work with us to find, fix, and disclose security flaws safely:
Thank you for helping keep Invoicebus, our customers, and their clients safe.