We take great pride in our security. Below is an outline of the immense and complex work that has gone into keeping our customers assets safe
- Performing third-party security assessments.
- Sub-dependencies are checked for security and performance issues.
- We follow strict compliance with source code licensing and open-source licensing.
Management of Access Keys
- ioGates.com maintains a strict policy for assigning and distributing keys that may access any production or development systems.
- Access keys are never stored in any version control system.
- Access keys are never stored anywhere as plaintext.
- Individual access keys are generated per employee with developer-only access.
Remote Access Control and Encryption
- End-to-end 256 bit HTTPS SSL Encryption using Extended Validation (EV) Certificates.
- All non-essential ports and links to external network interfaces are blocked by default.
- Plan against security threats, vulnerabilities, and risks.
- Account passwords are stored with hashes.
- Client communication sessions are validated server-side.
- ioGates do not store financial data or credit card information.
- All power and networking have redundant failovers to prevent service disruptions.
Laptops and mobile devices
- All company laptops use encryption for storing of any potentially sensitive data.
- All company laptops use anti-malware and antivirus software.
- ioGates employees are instructed in best practice security standards.
- ioGates developers only work with anonymized data.
- ioGates hardware is co-located in Interxion Copenhagen data center.
- Interxion Copenhagen is ISO 27001 and SOC2 compliance.
- ioGates server location within the Interxion data center is Tier 3 certified.
We’ve been developing ioGates since 2003 – See available features here