PostRFP has an ongoing commitment to ensuring the security and privacy of your data.
PostRFP servers are hosted only in datacenters with ISO 27001 certification and through service providers complying with US/EU Safe Harbor Privacy certification.
The network perimeter is protected by a firewall and is monitored by intrusion detection systems.
For transport encryption, PostRFP's primary servers operate under TLS 1.2 with 256 bit AES_256_GCM encryption, SHA1 for message authentication and ECDHE_RSA with P-256 for key exchange.
Our robust application security model prevents one PostRFP customer from accessing another's data. This security model is reapplied with every request and is enforced for the entire duration of a user session.
PostRFP enforces tight operating system-level security by using a minimal number of access points to all production servers. Our servers permit only key-based authentication, are firewalled, and run intrusion detection software. Operating systems are hardened by disabling and/or removing any unnecessary users, protocols, and processes. Real-time intrusion detection software scans for attacks.
Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is firewall restricted to specific IP addresses for replication.
All customer data is stored on carrier-class disk storage using RAID disks and multiple data paths. All customer data, up to the last committed transaction, is replicated to a geographically distinct location. Snapshots are taken every 12 hours, and binary logs are preserved on replication slaves in addition to the master.
PostRFP uses geographically remote disaster recovery facilities, along with the required hardware, software, and Internet connectivity, to ensure continuity in the event that our production facilities were to be rendered unavailable.