Is IdeaGlow Secure?

Security of your data is our #1 priority

Physical Security

• Our servers are collocated in a secure, carrier-class data center facilities in Virginia and California (United States) with 24-hour manned security, biometric access control, and video surveillance.
• Our data centers meet the industry's highest security standards and are SAS-70 Type II and SysTrust certified.

Network Security

• Our network perimeter is protected by state-of-the-art firewalls and monitored by intrusion detection systems (IDS).
• We proactively analyze firewall and IDS logs to detect and prevent security threats.
• We employ nationally-recognized, 3rd-party security firms to perform ongoing vulnerability assessments of our network infrastructure.

Server Security

• We safeguard our servers and systems using network address translation, port redirection, and other proprietary techniques.
• We achieve tight operating system-level security by using a minimal number of access points to all production servers. We protect all operating system accounts with strong passwords, and production servers do not share a master password database.
• We maintain all operating systems at each vendor's recommended patch levels for security and further harden them using proprietary techniques.

Application Security

• Users can access IdeaGlow only with a valid email and password, which are encrypted via SSL during transmission. We use an encrypted session ID for each user.
• We employ a strong, multi-layered application security model to prevent one customer from accessing data of another customer under any circumstances.
• IdeaGlow uses end-to-end SSL (Secure Socket Layer) encryption to encrypt all of your data during transmission.
• An account administrator designated by you is the only one who has the authority to manage your users' login accounts.

Data Security

• We restrict access to our production databases to a very limited number of very carefully screened personnel.
• Our customers own all of their data. IdeaGlow employees cannot access customer data without permission from the customer.
• We store all passwords and other sensitive data in our databases using strong one-way encryption.

Reliability

• We have configured all networking components, load balancers, and web/application servers in a redundant manner.
• All of our customer data is stored using a redundant database server cluster, and on carrier-class RAID disk storage.
• We employ geographically distributed (West Coast and East Coast of the US), quadruple data backup. This includes real-time backups as well as nightly backups, including an automatic nightly backup to a primary tape library. Backup tapes are moved to a secure, fire-resistant, off-site storage regularly.
• Our data center features fully redundant electrical generators, UPS, air conditioners, and other backup equipment designed to keep our servers continuously running.
• As a result of all these, 100+ customers in 4 continents enjoy 24x7x365 reliability. We have consistently delivered 99.95% uptime since our inception, so you can count on us.