Security Overview
Footprinter takes data security very seriously. It is a core part of our strategy. We have developed and implemented a comprehensive set of practices, technologies and policies to ensure your data is always safe and secure.
Our strong belief is that if you currently maintain your sustainability data on personal computers (e.g. in PC installed LCA tools, spreadsheets), Footprinter is a better level of security.
The following is an outline of our data security strategy. We believe in transparency and are happy to discuss security with you in detail and in person.
It's your data
Your data belongs to you — and only you. You own it and you control it. You decide who you share it with and how you share it.
Your data is always backed up
While you work, your data is being automatically backed up. We do this routinely during the day at our primary data center. And daily, we back up your data to an offsite, super secure, industry leading, large-scale data repository. If you need your data restored, we can start immediately and it usually takes less than an hour.
Strong encryption and authentication
The communication between your computer and our servers is encrypted. All internet traffic is over HTTPS. We employ industry standard 256 bit encryption.
Account passwords are hashed on our servers and cannot be recovered. Session authentication uses HTTP Only and secure cookies. The invite process uses the standard email verification step.
Security first
Footprinter is built on web services and therefore benefits tremendously from the incredible array or powerful data management and security policies now available. While Footprinter uses, looks for and is constantly evaluating state-of-the-art web technologies, security is always our first concern. As part of our use of industry best practices, all our network services are via by the Ubuntu distribution which provides ongoing security updates.
We also routinely scan our installation for vulnerabilities (this is basically mounting our own hacker attack) using the industry leading Qualys set of security management tools. We are happy to provide you with our most recent scan results.
World-class data center
Footprinter is hosted in a world-class, cloud-based data center. Our provider is one of the largest in the world and specializes in hosting scalable web applications and high-traffic websites. Our hosting provider employs state-of-the-art physical, network and people securityprocesses. We manage our server installation with incredibly powerful performance dashboards and deployment tools. We are happy to provide further details of our hosting.
Just footprinting
Unlike your own data centers that house many different types of applications, data store and network connections, Footprinter is just footprinting. We have a narrow application that is very tightly defined and managed for security, performance and scalability. Our narrow focus simplifies the security challenge tremendously by minimizing vulnerabilities.
Each Footprinter site is deployed with its own database instance. This means that your data is not stored side-by-side with someone else’s data. And given the nature of our web-services implementation, the services that your applications use to work on your data are also not shared – they are tasked with your job and only your job.
Our people
Footprinter staff never accesses your data. We have no reason to. We are not a consulting firm. We create applications that you use to gain insight into your sustainability challenges and move forward on them. Control and access to our sever installation is in the hands of one person only – our CTO (and he is happy to talk with you).