Keeping your data safe

At theCloud we realise that keeping your data safe is a huge concern. We have taken many steps to ensure that your data is secure.

1. All data is sent securely

Once you log in to theCloud, everything that is sent between you and the server is sent using an SSL Certificate. This ensures that the data is encrypted, and helps prevent people from intercepting the data and being able to see what is being sent.

2. Passwords cant be retrieved from the database

You may have noticed that if you forget one of your passwords, we don’t send your old password to you. Instead, we request that you reset your password. This is because we don’t know your password. In fact, it is impossible for us to figure out your password from the encrypted version we store in the database. We also temporarily deactivate your login, so no one can access your account until you click on the link in the email we send you.

3. Auto-logout

Leave your computer unlocked with theCloud logged in? After 20 minutes with no activity you are automatically logged out of theCloud. This prevents people who are walking past from accessing your account and changing things.

4. Administrator and Non-Administrator accounts

If you create a user and set them as a non-administrator, then they can log into theCloud, and see information about your account, but they cant change anything. In the future, we aim to make this much more granular, and let you control exactly what each user can do in theCloud.

5. Validation

We check all the information you give us to make sure it is valid before we do anything with it.

6. Password Strength

Noticed the Password Strength indicator on theCloud when typing in a password? We use defined standards to make sure that your password is secure enough to prevent basic hacking attempts, and wont let you use a weak password.

7. Credit Card Payments

We use Direct Payment Solutions for all credit card transactions, and no credit card details are stored by us.

8. We Record Everything

And when we say everything we mean everything. Every time you log into theCloud and change something, we store a record of it. This way, if something doesnt seem right, we can go back later and double check who did what and when.

9. Client Verification (warning: tech talk)

theCloud is built using ColdFusion. One the great security features of CFML is the ability to enforce all AJAX functions to verify that the request is verified. A GUID is passed around by the server to the client which must be returned in the AJAX call. If you don’t pass the correct GUID, you don’t get to make the call.

Rest assured we take security very seriously here at theCloud, and you can be sure that we have done everything we can to protect your data.

Tags: Cloud Services, security, theCloud
Category: Cloud Services  | Comment (RSS)  | Trackback