Log In

Log In

Not registered yet?

Reset password Activation link

Forums ~ FAQ's

Data security

July 21, 2011

Igor Petrushenko
July 21, 2011

Is QuintaDB secure?

We’ve done everything possible to ensure a safe keeping of your data and the data you collect. Our servers are backed up onsite and offsite to data centers.

How safe is your server?

Our servers are located in a secure environment. We use RackSpace. All data is located in the USA. We also use Standard encryption and security technologies (128 bit SSL encryption) are employed to prevent interference or access from outside intruders.

Only employees of QuintaDB .com can access our servers, and they only have access to your data when you expressly request help or in the course of identifying and resolving problems with QuintaDB.com service.

All data that resides on our servers is archived regularly in the event of any malfunction that causes data loss.

Will anyone be able to see my data?

Yes, if you wish. Your data can only be accessed by registered users in your application, unless you actively choose to make it public. The administrator of each application (i.e., you) controls registration of new users and what sort of access every user has.

As a company that takes data security and privacy very seriously, we recognize that QuintaDB’s information security practices are important to you. While we don’t like to expose too much detail around our practices (as it can empower the very people we are protecting ourselves against), we have provided some general information below to give you confidence in how we secure the data entrusted to us.

Data Center Security

  • QuintaDB serves thousands of databases a month for thousands of users. We use multiple MTAs, placed in different world-class data centers around the United States.
  • Our data centers manage physical security 24/7 with biometric scanners and the usual high tech stuff that data centers always brag about.
  • We have DDOS mitigation in place at all of our data centers.
  • We have a documented "in case of nuclear attack on a data center" infrastructure continuity plan.

Protection from Data Loss, Corruption

  • All databases are kept separate and dedicated to preventing corruption and overlap. We have multiple layers of logic that segregate user accounts from each other.
  • Account data is mirrored and regularly backed up off site.

Application Level Security

  • QuintaDB account passwords are hashed. Our own staff can't even view them. If you lose your password, it can't be retrieved—it must be reset.
  • All login pages (from our website and mobile website) pass data via TLS.
  • The entire QuintaDB application is encrypted with TLS.
  • Login pages and logins via the QuintaDB API have brute force protection.
  • We perform regular external security penetration tests throughout the year using different vendors. The tests involve high-level server penetration tests, in-depth testing for vulnerabilities inside the application, and social engineering drills.

Internal IT Security

  • QuintaDB offices are secured by keycard access and biometrics, and they are monitored with infrared cameras throughout.
  • Our office network is heavily segmented and centrally monitored.
  • We have a dedicated internal security team that constantly monitors our environment for vulnerabilities. They perform penetration testing and social engineering exercises on our environment and our employees. Our security team includes OSCP and CISSP certified members.

Internal Protocol and Education

  • We continuously train employees on best security practices, including how to identify social engineering, phishing scams, and hackers.
  • Employees on teams that have access to customer data (such as tech support and our engineers) undergo criminal history and credit background checks prior to employment.
  • All employees sign a Privacy Safeguard Agreement outlining their responsibility in protecting customer data.
  • In order to protect our company from a variety of different losses, QuintaDB has established a comprehensive insurance program. Coverage includes, but is not exclusive to: coverage for cyber incidents, data privacy incidents (including regulatory expenses), general error and omission liability coverage, excess cyber liability coverage, property and business interruption coverage, as well as international commercial general liability coverage.

QuintaDB’s credit card processing vendor uses security measures to protect your information both during the transaction and after it is complete. Our vendor is certified as compliant with card association security initiatives, including the Visa Cardholder Information Security and Compliance (CISP), MasterCard® Site Data Protection Program (SDP), and Discovery Information Security and Compliance (DISC).

Protecting Ourselves Against You

Yes, you heard that correctly. We can secure ourselves like Fort Knox, but if your computer gets compromised and someone gets into your QuintaDB account, that's not good for either of us.

  • We monitor and will automatically suspend accounts for signs of irregular or suspicious login activity.
  • Certain changes to your account, such as to your password, will trigger email notifications to the account owner.
  • We monitor accounts and campaign activity for signs of abuse.
  • In addition to our scalable algorithms, we employ another layer of human reviewers, who monitor for anomalous account and email activity.
  • We provide the ability to establish tiered-levels of access within accounts.

March 14, 2018

Thanks very much for the support. The information was very useful.
May be to ask you one more question, Can i host my application on our Company’s website?

Igor Petrushenko
March 14, 2018

Yes, via Widgets. See Widgets section.

March 14, 2018

Thanks alot chief. Now am good to go will keep you posted as soon as possible on the way forward. Just waiting for approvals now from my bosses.

Share the discussion in the social networks: