RiskKey is hosted by Softlayer. Softlayer has undergone extensive testing and is an industry recognized leader in hosting. They have completed a Type II SAS70in which the indepedent audit firm found controls to be reliable and effective. For more information click here.

Additionally, RiskKey has been and will be regularly tested by independent third parties using industry best practices. This process includes a combination of penetration tests, vulnerability scans, and web application assessments (including scans for buffer overflows and cross-site scripting vulnerabilities).

Application Design

RiskKey has been designed from the ground up with security in mind. Development includes industry best practices from a combination of techniques including Agile Development and the Systems Development Lifecycle. Code is independently reviewed and tested, and follows a well controlled change management process. Furthermore, Ruby on Rails as a programming language is inherently protected against popular cross-site scripting attacks through increased authentication requirements.

Managed Hosting & Security

RiskKey is hosted on Softlayer's cloud infrastructure. As mentioned, Softlayer is a recognized leader in web-based services, and helps ensure that the environment is monitored on a 24/7/365 basis, and that data is appropriately backed up and secured. Special attention is given to new software updates to ensure that all systems are appropriately patched to meet provide the latest functionality as well as protection against malicious internet activity.

These cloud services are monitored by both the Softlayer and RiskKey teams.

In short, it doesn't get much better than this.

SSL/TLS (Secured Socket Layer / Transport Layer) Security

All information sent to and from RiskKey servers are protected using a security certificate by GoDaddy, Inc. The certificate supports ciphers up to 2048-bits in strength. This is geek speak for "good."

Accessibility

RiskKey is fundamentally secure. Read/write access is privileged and based on authentication requirements. In short, your data is as secure as you want it to be.

Storage

Passwords and files are both encrypted during storage. Passwords are encrypted in an irreversible fashion. Files are encrypted using a two key method before they are stored. Files are encrypted using a two key method before they are stored. Additionally, all data hosted by RiskKey's cloud is regularly backed up with file and volume snapshots. You won't have to worry about losing your data.

Additional Resources

For more information, please visit these links for more information on Amazon's details:

• Softlayer
• Softlayer SAS70
• Softlayer FAQ