Ways we safeguard your data

Last updated 2019-03-25

Data transmission

Data transmitted between a web browser or mobile app and Solve is encrypted using 256-bit Transport Layer Security (TLS 1.2). Older, less secure, web protocols are not permitted.

Data storage

We follow mission-critical data management and backup protocols. All data is written to multiple locations instantly and backed up to our archiving system at least once each day. Backups are further transferred to a second geographic location and secure cold storage to address the possibility of a catastrophic event.

Data at rest, including backups, is encrypted using Advanced Encryption Standard (AES) 256-bit encryption.

Authentication

Clients can enable Google or Microsoft sign-in with all the security provisions those vendors offer; such as two-factor authentication. Where Solve offers password authentication, passwords use one-way encryption through a salted 64-byte hash function.

Sequential failed login attempts are tar-pitted, then blocked, and reported to Solve’s Client Engineers.

The session key the browser uses to communicate with our service cannot be read by JavaScript preventing locally installed software, or other websites, from reading the key stored in the browser’s memory and accessing the Solve account.

Product features

Clients are provided with a range of robust security features to manage data in their account. For example, clients can quickly limit access to groups of records, restrict access to sets of fields, prevent logins, terminate active sessions, restrict access to export data, prevent private data, view activity logs, etc.

At any time Clients can export a copy of all of their database information and all files & photos in their account. The export file is in a standard format readable by most spreadsheet or database applications.

Internal process

Our fundamental business practice has always been and continues to be, to safely store our clients’ data. To earn this trust, we employ numerous security best practices, for example: utilizing only trusted networks, safe-listing access to specific IP addresses, requiring 2-factor authentication, not using root accounts, requiring encrypted connections/data at all times. We also follow the Principle of Least Privilege or granting access to the absolute minimum set of people necessary to fulfill our responsibilities.

Only a few essential staff can access client information. These Client Engineers receive adequate security training before they are given responsibility, with ongoing oversight/supervision and mentoring from senior staff concerning the practices and importance of maintaining client privacy. These Client Engineers are authorized to access information only on an as-needed basis to complete tasks related to the maintenance and operation of the service, or at the client’s request.

Technical environment

Our staff monitor the production environment 24x7 and respond immediately to every system problem, with the goal of making them transparent to our customers.

The Solve service runs on the Amazon Web Services (AWS) cloud-computing platform and benefits from Amazon’s secure, world-class data centers, certified for ISO 27001, PCI-DSS Level 1, and SOC 1 / SSAE-16. Solve operates primarily from AWS’s US East (Northern Virginia) location.

The network utilizes modern load balancer, firewall, DDoS protection, a Web Application Firewall (WAF) and managed security certificates.

Service isolation

The Solve service is physically separate from ancillary services such as website, forums, etc. to decrease the probability that an issue in these areas would affect our core service.

Server configuration

Solve uses multiple servers which act as a single system. The modular architecture of the platform allows us to transparently perform periodic maintenance, isolate/bypass hardware problems, and instantly scale the system in the event of load spikes.

Corporate governance

We adhere to a comprehensive Privacy Policy and Terms of Use policy.

Our company is privately held and has been providing applications services at a profit for almost 20 years. We are solely a business-to-business company and do not offer consumer services.