When you log in to Switchboard, we confirm your browser is running TLS 1.0 or higher, which secures the communication from your browser to Switchboard. Our data resides on servers that are protected both physically and electronically. Our platform edge is equipped with strong cipher suites controlled by Transport Layer Security (TLS).

You can find out more about our SSL configuration via this third party analysis provided by Qualys.

Our application servers and databases are hosted on Amazon Web Services (AWS), who’s physical infrastructure is hosted and managed within Amazon’s secure data centers. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:

  ISO 27001
  SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  PCI Level 1
  FISMA Moderate
  Sarbanes-Oxley (SOX)

For more information, visit the AWS SOC Compliance FAQ.

Further steps taken with the Switchboard application layer:
  Salted password storage with BCrypt
  Password choice requirements
  Stripping sensative information from application logs

We also use various static security analysis tools such as Brakeman to prevent common vulnerabilities from being deployed.

Did this answer your question?