Security Measures

Last updated on: April 20, 2018

We apply multiple tiers of security measures to ensure continuous access to our services and protection of your customer data.

Application Security

All connections to the Enchant web interface and Enchant REST API are encrypted by TLS. Non-encrypted connection attempts are automatically redirected to the encrypted equivalent.

All inbound and outbound email connections (SMTP) support TLS.

All user and admin passwords are stored in a hashed format. This means that even our staff have no way to know your password. If you lose your password, your only option is to reset it.

We support Single Sign On (SSO) through Google Apps.

Enchant supports access controls within the application to limit what data is visible to your users.

Secure Application Development

We design software with security, stability and availability in mind.

All development changes go through peer code review, automated testing and automated deployment processes. We utilize continuous integration and continuous delivery to deploy code to production multiple times a day.

Payment Details Security

We process credit card payments through Stripe, whose security details are available at https://stripe.com/docs/security. Enchant does not receive or directly store credit card data for its billing processes, making it compliant with Payment Card Industry Data Security Standards (PCI DSS).

Infrastructure Security

Enchant is hosted on the Amazon Web Services (AWS) cloud platform. AWS undergoes various third-party independent audits on a regular basis for its data centers, infrastructure, and operations. This includes, but is not limited to, SSAE 16, SOC 2, PCI DSS Level 1 and ISO 27001.

Our employees do not have physical access to AWS data centers, servers, network equipment, or storage.

Enchant runs on a Virtual Private Cloud (VPC) within the AWS data centers, which provides strong firewalls and logical access controls. Access to the VPC is limited to our operations staff only.

The Enchant operations team ensures all systems are regularly updated with available security patches.

Where available, all third-party systems and services have 2 Factor Authentication (2FA) enabled.

High Availability & Backups

Enchant uses redundant systems to minimize the impact of any system or network failure. This also allows us to deploy code to production without any downtime.

We maintain regular secure backups of all customer data.