At DevResults we are dedicated to helping global development practitioners capture, organize and use their data. We consider it a privilege that so many leading organizations have chosen us as their partner in this effort and we fully appreciate the trust that they have placed in us. For this reason, security is a central priority for us.
To protect our customers’ data, we utilize the best infrastructure and practices available for software development and hosting; we implement operational protocols that mitigate risk; and we equip our customers with in-app features that make it easy to manage security within their DevResults sites.
DevResults is hosted on Microsoft’s Azure Infrastructure as a Service Cloud (IaaS). By hosting on Azure, our clients benefit from world-class physical and network security, as well as active threat management. We also use Cloudflare’s internet security services to protect our website from online threats.
We use industry-standard best practices to help us develop fundamentally secure software. We continuously monitor new developments and practices and proactively incorporate them into our development process.
We carefully manage and limit infrastructure access and use automated processes to control software and data changes. We protect account passwords and other critical data using the latest industry standards to prevent disclosure in case of a data breach. We constantly review internal policies for opportunities to improve security while maintaining productivity.
We understand our clients’ data is critical. To ensure availability and enable rapid recovery we backup client data continuously, store backups in multiple geographic locations, regularly test recovery procedures, and retain backups for at least 30 days.
We understand the importance of controlling access to personal and organizational data. DevResults provides a rich in-app security model that lets customers organize their users into groups and control each group’s ability to view or change different categories of data. We also provide a full change history that ensures administrators can always see who changed what and when.
We’re continually re-assessing our security infrastructure and practices; as we make changes we’ll update this document as needed. Meanwhile, if you have any questions about security at DevResults, please don’t hesitate to reach out to our security team.
Last updated: October 5, 2016