We understand the sensitivity of your data and we take all the necessary steps to safeguard it. Keeping our services secure is fundamental to the nature of our business. That's why security is our number one priority.
We use SSL/TLS encryption on all our websites and microservices satisfying the highest security and data protection standards. We regularly verify our security certificates and encryption algorithms to keep your data safe.
The data you send through Ave To Go is encrypted in transit. Credential user names are encrypted and passwords are hashed.
We do not access or use your content for any purpose without your consent. We never use your content or derive information from it for marketing or advertising.
We do not disclose customer information unless we're required to do so to comply with a legally valid and binding order. Unless prohibited from doing so or there is clear indication of illegal conduct in connection with the use of our products or services, we notify customers before disclosing content information.
Our physical infrastructure is hosted on bare metal Kubernetes in Tier IV datacenters including Equinix and Digital Realty. The following is a partial list of assurance programs Equinix and Digital Realty comply with, but please consult our security team for further details:
* SOC 1/ISAE 3402, SOC 2, SOC 3
* FISMA, DIACAP, and FedRAMP
* PCI DSS Level 1
* ISO 9001, ISO 27001, ISO 27017, ISO 27018
Software-defined network segregation is utilized to restrict access to our network from external networks and between systems internally. By default, all access is denied and only explicitly allowed ports and protocols are allowed based on business requirement. Each system is assigned a security group based on its function.
Backend access to the OS level is limited to Build io, Inc staff and requires key authentication and multi factor authentication.
We follow the principle of least privilege both internally by restricting our staff's access to the minimum permissions needed to perform their work, as well as externally by asking the user for the minimum permissions required by our service when accessing 3rd party systems on the user's behalf.
If you find a bug or security issue on our website, please let us know about it by sending an immediate e-mail to security@build.io.
If you'd like more detail about our security processes and practices, please email us: support@build.io.