Data Security Policy
Baseline Data Systems, Inc.
Torrance, CA USA
Data Security Overview
The information you uniquely create and enter into the product belongs to you. We do not assume any ownership or liability for your data. We do not sell customer lists or share any information regarding our customers. Your data is stored on servers in physically secure locations and transferred via SSL encryption. We monitor our systems 24/7 to help ensure up-time and that your data is secure. Access to resources and client information is only available to workers on a need to know basis for the specific requirement of their job responsibilities.
Physical Security
Our servers are hosted at third-party Data Centers located in a "disaster free" zone of the United States and are surrounded by multiple layers of security. The perimeter is a crash-rated wall to prevent vehicle penetration. Access to second perimeter, coolers, switchboards and generators, is behind another wall. Entrance requires both a badge swipe and a personal pin. Only authorized personnel may enter this area. Every door is under video surveillance with local and remote monitoring. The innermost perimeter houses servers and networking equipment. These bank vault rated doors are also monitored by video cameras and require another badge swipe and pin number for entry. They are also equipped with metal detectors. These facilities are regularly reviewed to ensure they are in compliance with local, state and federal laws, and are physically monitored 24/7.
Host Security
Baseline Data Systems regularly reviews information on current security vulnerabilities, including vendor announcements and other industry sources. If security updates are determined to be critical, they are thoroughly tested and deployed in a timely manner. All hosts and services are routinely monitored for integrity and availability. Operations staff review all alerts generated by monitoring systems and respond promptly. Our servers are monitored 24/7 for malicious activity. Administrative access is limited to strictly authorized users. Individual usernames and passwords are required for all machines and data access. Strong password guidelines are in place, including complexity and minimum length requirements.
User Account Security
User access to your account is provided via an Account/User Name pair (or alternatively an email address) and password selected by the end user. Account Names are automatically generated by Baseline Data Systems but can be changed by customer request.
Network Security
Data transfers of customer information is encrypted using industry standard SSL.
Software Security
Baseline Data Systems application code is developed in the United States. Any vulnerability or security issue discovered is reviewed by us and immediately addressed.
Backups
Your data is backed up and restored to a redundant data server daily. Encrypted backups files of your data are also created daily and periodically destroyed. At your request and our discretion, we may restore full or partial data from an older backup to your account for a reasonable fee. You do not have direct access to these backups.
Disclaimer
No data security measures can guarantee 100% security all of the time. While we strive to protect your data from unauthorized use or disclosure, Baseline Data Systems does not warrant or guarantee the security of the data that you provide to us.