Internal processing at our company meets the most stringent security criteria. Our employees are bound by a confidentiality agreement. They cannot transmit data outside the company. We use software that monitors the work of individual employees.
The access to servers is protected on two levels. A user needs a password-protected private key to access each level. Additionally, at the first level, a user can log in only at their authorized computer.
Private Key (flash drive) – private keys for the second level are stored in a protected partition on the flash drive. Access to this section is secured by the AES-256 algorithm. Only a fingerprint of the flash drive owner can unlock it. So, if an unauthorized person uses the PC and hacks the password of the private key, they’ll be unable to access the second level without an authorized person.
Communication with our application is secured by HTTPS protocol. HTTPS (Hypertext Transfer Protocol Secure) is an extension of HTTP network protocol that enables one to secure a connection between a Web browser and a Web server from eavesdropping or forgery of data. It also allows us to verify the identity of the counter-party. HTTPS uses the HTTP protocol and all the data transmitted is encrypted using the TLS. The standard port of the server side is 443. For communication encryption we use a key which is digitally signed by a trusted certification agency.
MonkeyData account passwords are encrypted by bcrypt and are not stored in the cache. They can’t be identified from the database, so it is impossible to find out or infer the user’s password.
All your data for your services are stored in a database in encrypted form. Security is provided by asymmetric cipher, the password is encrypted with a public key.
This cipher is unidirectional and the password can be decrypted only by the private key that is known only to the script which operates communication with the API of the connected service running in a designated area. The method is RSA with a 2048 key length. It is reported that breaking it by “brute force” might be possible on a super-computer in about 1100 years. All communication among servers is encrypted by 128 bit or 256 bit (according to the disposition of your browser) keys through TLS cryptographic protocol.
All passwords and sensitive data are stored in encrypted form with the inability to obtain the original without the private key which is NOT stored in the same database. So even if someone “gets” into the database he would not be able to obtain passwords and keys in the original form.
The private key is in a secure location and is accessible only to a script (running in a restricted area) which operates the communication through a secure connection with other servers (GoogleAdwords API, Google Analytics API etc.).
For ensuring the uninterrupted operation of our service we use several Web and database servers in the Google Cloud Platform. The internal architecture and server configuration, however, is kept under strict confidentiality.
Google reiterated its commitment to the security needs and added two new certificates to the Google Cloud Platform: ISO27017 for cloud security, ISO27018 for privacy and ISO27001 (renewed). More information on the Google Cloud Platform Compliance is available here.