In 264 words: Analytical Flavor System's computing infrastructure is provided by Amazon Web Services (AWS), a datacenter with top security and updates. It has been accredited under: ISO 27001, SOC1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II), PCI Level 1, FISMA Moderate, and Sarbanes-Oxley (SOX).
We use the payment processor Stripe which is PCI Service Provider Level 1, the most stringent level of certification. We never store any of your payment information on our servers.
All communication between your employees and our servers are encrypted with either 128-bit or 256-bit SSL Encryption. All user passwords are securely hashed; passwords are never stored in plaintext format. All data access is protected by a role-based access-control mechanism, which only lets users view data for which they have permission. It’s impossible for users to view data from organizations other than their own. In addition to strong security controls, we ensure that the data it collects remains available through full, daily backups, which are retained for 30 days and tested weekly.
Only authorized employees have access to our production infrastructure, and passwords are strictly regulated. We limit access to customer data to a select few employees who need it to provide support and troubleshooting on our customers' behalf. Accessing data center information as well as customer data is done solely on an as-needed basis, and only when approved by the customer (i.e. as part of a support request), or to provide support and maintenance.
Want more information on our security? Just drop us a line! For additional information, check out the security policies for Amazon.