All data is written to multiple disks instantly, backed up daily, and stored in multiple locations within the United States. Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.
Whenever your data is in transit between you and us, everything is encrypted and sent using HTTPS. Portfolio entry data, messages, documents, and comments are not encrypted at rest — they are active in our database. Our backups of your data are encrypted using enterprise-grade encryption (AES 256-bit key), the data is encrypted before it leaves the server, and remains encrypted while stored.
Our servers — from power supplies to the internet connection to the air purifying systems — operate at full redundancy. Our systems are engineered to stay up even if multiple servers fail.
Our state-of-the-art servers are protected by biometric locks and round-the-clock interior and exterior surveillance monitoring. Only authorized personnel have access to the data center. 24/7/365 onsite staff provides additional protection against unauthorized entry and security breaches.
Our software infrastructure is updated regularly with the latest security patches. While perfect security is a moving target, we work with security researchers to keep up with the state-of-the-art in web security.
Submit a support request if you have other security questions and we'll get back to you as quickly as we can.