Urbandoor understands that the confidentiality, integrity, and availability of our customers’ information are vital to their business operations and our own success. We use a multi-layered approach to protect that key information, constantly monitoring and improving our application, systems, and processes to meet the growing demands and challenges of security.
Security Assessments and Compliance
Urbandoor is hosted and managed on Amazon’s secure data centers and utilizes the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
We use PCI compliant payment processor Stripe for encrypting and processing credit card payments. Urbandoor’s infrastructure provider is PCI Level 1 compliant.
Penetration Testing and Vulnerability Assessments
Third party security testing of the Urbandoor application is performed by independent and reputable security consulting firms. Findings from each assessment are reviewed with the assessors, risk ranked, and assigned to the responsible engineers.
Urbandoor uses Heroku, hosted on Amazon’s AWS infrastructure. Mode information about Heroku’s security practices are available at: https://www.heroku.com/policy/security.
Urbandoor uses Stripe for all credit card processing. More information about Stripe’s security practices is available at: https://stripe.com/help/security.
Maintaining the safety and privacy of your data with Urbandoor is one of Urbandoor Engineering’s top goals. If you are a security researcher (or any other perceptive user) and have discovered a security vulnerability in one of our products, please contact firstname.lastname@example.org. To report something particularly sensitive, you can use the Urbandoor PGP/GPG Key to encrypt your email. We consider reports to this address to be of the highest priority, and will investigate them as quickly as possible.