In the past few years there has been a movement to move data from local computers into the cloud. Cloud Storage provides many benefits: it can be accessed from multiple devices, your data can stay synced between machines, and cloud providers are a backup for your data. One downside to cloud applications is that the user is giving up control of their data and trusting a 3rd party vendor to keep their data safe. As a cloud web application, we designed Release[Board] to be worthy of your trust.
Release[Board] uses SSL on every page of our application and api (app.releaseboard.com & api.releaseboard.com) to ensure that your activity on Release[Board] is encrypted. This is the same encryption used by banks for their web pages. Release[Board] uses a 256 bit encryption algorithm to encrypt your data when we send it to you. Many browsers represent this connection with a padlock icon to notify you that your connection is secure. Many websites do not encrypt even their log in form, which means that if you log into their software from a public place (coffee shop, restaurant, airport, etc.) a hacker can steal your username and password. By using SSL for our forms, we protect you from this.
When you decide to select one our awesome plans, Release[Board] asks you for your credit card so that we can charge you for the plan you selected. When you fill out the credit card form and hit submit, your credit card information goes directly to our payment provider Stripe. Stripe handles all your payment information and then lets us know that your account has been paid for. We then store the last 4 digits of your credit card only so that we can show you which credit card of yours Stripe has on file in case you wish to change cards for a future payment. Your credit card number, security code, expiration month, and expiration year never even touch our servers. We send this information directly to Stripe using the https protocol that encrypts your information when we send it to Stripe. Https is the same protocol used by banks. We don’t even log your credit card info. Release[Board] does this because Stripe handles payment security at the most stringent level possible. They are certified as a PCI Service Provider Level 1 the highest level possible and are used by thousands of applications for their commitment to security. By using Stripe, Release[Board] is also PCI compliant.
Have you heard of all the recent high profile security breaches where users’ passwords have been stolen? Many websites store your password simply as plain text, which means in their data if your password is 123456 then their data says your password is 123456. Software can never be perfect, so to protect this we hash your password using a software industry top tier algorithm. So if there is ever a security breach on Release[Board], when the attacker looks at your password they will see something like fdlksjfferr98weurwiewf instead of 123456. We want to encourage you to use a phrase or even a sentence instead of a single word. We also recommend looking into a password manager such as 1Password or LastPass which will generate a unique random password for each of your logins.
Release[Board] uses several programming languages and frameworks to give you the best scheduling experience. We check for any updates, bug fixes, or patches on a daily basis to ensure that our software is secure.
Release[Board] backups up our customer’s data on a daily basis. If something goes wrong on our end (server failure, etc), we have a copy.
I hope this page has given you a better understanding of how much we value the security of your information here at Release[Board]. If you have any additional concerns feel free to contact us by clicking on the support link. If you have detected any security vulnerability in the Release[Board] software, please click on support and let us know! Good deeds are rewarded!