CodeGuard uses Amazon Web Service’s Simple Storage Service (S3) to house website and database backup data. This service was selected because it provides 99.999999999% durability by storing data redundantly across multiple physical locations. In addition to being able to withstand two simultaneous datacenter failures, all customer backup data is encrypted using an AES-256 bit key.
The data is physically stored in Amazon Web Services “US Region,” which includes one or more datacenters in the following US cities:
Dallas/Fort Worth, TX
Los Angeles, CA
New York, NY
Palo Alto, CA
San Jose, CA
South Bend, IN
St. Louis, MO
CodeGuard systems involved in performing backup or restoration activities have access to unencrypted customer data for the duration of these scheduled operations. Select members of the CodeGuard Engineering and Operations team have access to the systems that are used to perform these tasks. It is our policy that we only inspect a customer's data if we have explicit written permission from the customer.
Safe Harbor Principles
The U.S. - EU Safe Harbor Framework includes the following seven principles:
Notice - Individuals must be informed that their data is being collected and about how it will be used.
Choice - Individuals must have the ability to opt out of the collection and forward transfer of the data to third parties.
Onward Transfer - Transfers of data to third parties may only occur to other organizations that follow adequate data protection principles.
Security - Reasonable efforts must be made to prevent loss of collected information.
Data Integrity - Data must be relevant and reliable for the purpose it was collected for.
Access - Individuals must be able to access information held about them, and correct or delete it if it is inaccurate.
Enforcement - There must be effective means of enforcing these rules.
CodeGuard is in the process of obtaining U.S. - EU Safe Harbor certification.
How secure is CodeGuard?
CodeGuard relies upon industry best practices to protect customers’ data. All backups and passwords are encrypted, secure connections (SFTP/SSH/SSL) are utilized if possible, and annual vulnerability testing is conducted by an independent agency. To-date, there has not been a data breach or successful hack or attack upon CodeGuard.