Version 5, last updated by Michael Chletsos at 24 Feb 16:22 UTC

Decrease font size Decrease font size

Increase font size Increase font size

Print this page Print this page

Assembla Data Security and Integrity

Assembla takes security and data integrity seriously.  We provide a superior level of protection, monitoring, and redundancy to ensure that you can focus on your work instead of worrying about your data.

PHYSICAL SECURITY

Physical security is provided by our datacenters.  We have two main datacenters at Cirracore (an Equinix Facility) and Amazon EC2.  You can review EC2 policies here and the Cirracore policies here

SERVER ACCESS

Production access is restricted to VPN access with individual user accts and credentials for the administrators.  Our Firewalls are open for the fewest possible ports outside of necessary Assembla ports and the VPN, exposing a limited number of services.  As far as we know this has never been compromised.

BACKUP AND DATA RECOVERY

Assembla runs hourly backups to Amazon S3, and runs real-time replication between servers and sites.

In terms of priorities, we place a higher priority on data integrity than on confidentiality. This means that we do keep your data in several backup locations. It helps us provide a high level of customer service. When you delete it, we maintain copies for one month, because we often get requests to re-install deleted repositories.  We place a higher priority on data integrity and security than on uptime. If we need to take our servers down for a patch, we will do it.  For every bit written by you, we write it at minimum 8 more times for redundancy and backups.

USER ACCESS

Authentication for user services is provided by username and password submitted over SSL.  You may select an IP restriction option.  This limits access to users in specified IP ranges.