ClickGUARD - Security
Effective Date: May 2018
This Security Policy (“Policy”) explains the security measures ClickGUARD Software LLC.”ClickGUARD”, “us”, “we” or “our” employs to protect the content posted in private Workspaces (as such term is defined in our Terms of Service) on our website (the “Site”). As our policies and procedures may change from time to time, we reserve the right to update and modify this Policy at any time. We will post changes to this Policy on the Site and will update the revision date at the top of this Policy.
1. Your Account Data Is Always Kept Private
All content posted in your account is designated as private. This means that users who have not been invited to join your ClickGUARD account are not allowed to see the data posted there. Only the authorized users whom you invite to your account via the sub-accounts feature have access to your data.
2. You Own Your Account Data and Control Who Has Access to It
The owner of an account retains control and rights over all content posted within that account. They also control who is permitted to access the account. If a user’s permission to access an account is revoked in accordance with the procedures set forth on the Site, then such user will no longer be permitted to access the account or the data posted in such account.
3. World-Class Datacenter and Database
ClickGUARD uses GCP (Google Cloud Platform) for hosting their software, and is delivered from SSAE16 audited data centers located in the United States.
We periodically store encrypted snapshots in distributed geographic regions for disaster recovery.
4. User Account Security
Each ClickGUARD user has their own account and password, which is stored in a hashed format (bcrypt). Users must provide an email address and password to begin a session with ClickGUARD.
6. Network and System Security
ClickGUARD uses a dedicated environment for the production application. We use a firewall configured with default deny policy, and run an intrusion detection system. Only specific authorized employees have access to the production network and hosts, and all access is logged and monitored.
7. Servers and OS
ClickGUARD uses GCE (Google Compute Engine) for virtual machines. We build machine images that install only the software necessary to operate the Site. Our provisioning and configuration of GCE virtual machines are fully automated and repeatable. We promptly apply security updates to production hosts.
8. File Storage
ClickGUARD uses the Google Cloud Storage Standard for file storage. All files are encrypted at rest. We store an encrypted copy in another geographic region for disaster recovery purposes.
9. Data Encryption
10. Security Audit
ClickGUARD routinely reviews code internally for security issues. In addition, we may employ a third-party to perform periodic security audits of our application.
ClickGUARD commits to a 99.9% SLA for monthly availability and plan accordingly. We maintain a high-availability configuration, with built-in “hot” redundancy to handle failure of individual components. We use automated monitoring to page on-call team members for availability issues.
12. Software Development Lifecycle
ClickGUARD uses a version control system to track changes to our code base. Changes to the code base go through a suite of automated tests. Additionally, code changes are reviewed by another developer. Changes are pushed to a staging server for thorough testing before being released into production.
Releases are generally deployed during a planned outage window, typically Saturday AM, US Pacific Time. Urgent changes may be deployed (e.g. a security patch) at any time as needed.
16. Learn More
Have a concern? If you have any questions about the security of ClickGUARD, please contact us.