Security Measures

Responsive website builder uses the following security measures.

Network and Data Communication

Remote access requires VPN connection and two factor authentication.

Antivirus, Malware Protection and Path Management

Automated vulnerability scans are conducted regularly in order to detect web application vulnerabilities.

Backup and Restore

The responsive website builder's static resources (images, files, scripts,) are automatically backed up on a daily basis via AWS AMI. In addition, data is replicated to another AWS data center.

Monitoring and Alerts

Responsive website builder uses several automated monitoring tools meant to detect abnormalities and misuse.

Access Control

All data communication networks with external access are protected by a central firewall. Networks are separated for functionality and usage.

Networks, firewall, SSL Certificates and virtual private network (VPN) is used when accessing the responsive website builder's critical systems.

All TCP outbound communication is SSL encrypted

The responsive website builder's servers are equipped with malware protection and intrusion detection systems.

Central patch management is conducted on a regular basis by AWS for security related updates to ensure known security issues cannot be used to gain unauthorized access to systems and data.

The responsive website builder uses AWS automated backup features that allow it to restore the database state and data to any point in time in the past 14 days. In addition, the builder performs periodic database snapshots via RDS API.

The responsive website builder will not provide user account related information unless proper verification of the identity of the account owner is established.

Delete and Destroy

Customer Data will only be stored for as long as the builder and the partner or customer has an active agreement, and as long as it serves the purposes for which the data was collected. Upon expiration of an agreement with a customer, unless there is a legal or contractual obligation to maintain data for a long period of time, the customer's data will be deleted or at least personal data will be removed.

Physical Security

Access to the responsive website builder's systems and application is granted based on the "need to know" principle. Admin access requires the use of multi-factor authentication and passwords according to the builder's password policy.

Passwords policy is enforced for any user on the platform (account owners, team members, customers). The password is fully encrypted / hashed.

The builder's activities are based on cloud computing services provided by AWS. For further information regarding physical security issues please refer to Physical and Environmental Security section on:

https://d1.awsstatic.com/ whitepapers/Security/AWS_ Security_Whitepaper.pdf