YOUR DATA IS SECURELY TRANSFERRED AND STORED.
All network communications within the RedZone platform are secured with 256-bit SSL (TLS 1.2) connections to keep your data safe through every step of the process.
Our application development process is designed to allow us to address security vulnerabilities, based on severity, as part of our standard release cycle.
Within AWS, RedZone's instances are segmented into separate networks to provide additional controls over data flows within the system. All instances, including those not accessible to the public, are hardened and managed with automated configuration management.
We implement a least privilege approach to ensure that only administrative staff have access to the RedZone database in accordance with the RedZone Terms of Service. Access to the RedZone AWS infrastructure is managed by our corporate single-sign-on (SSO) solution, which requires multiple factors to grant access.
All RedZone staff undergo a background check and sign a confidentiality and non-disclosure agreement. Aside from our use of AWS, we do not outsource any aspect of RedZone development, operation, or administration.
For disaster recovery, a cold standby is maintained in a separate availability zone and kept in sync via streaming replication. We run nightly full backups of the RedZone database, which are retained for 30 days.