Perdoo is served 100% over HTTPS. All data sent to or from Perdoo is encrypted in transit with 256-bit encryption, using SHA-256 with RSA Encryption and SHA-256 ECDSA as the key exchange mechanism. Our API and application endpoints are TLS/SSL only and score an “A” rating on SSL Labs’ tests. In addition, all connections from our application servers to our databases are TLS encrypted. Finally, user passwords are always encrypted, in addition to encryption in transit.
All databases used by Perdoo are encrypted at rest, meaning that we also encrypt the database files on the hard disks themselves. Data encryption is deployed using industry-standard encryption and best practices for every framework we use.
Credit card safety
If you are a paying Perdoo customer, we do not store any of your card information on our servers. We use Stripe and ChargeBee to handle this; both companies are dedicated to storing your sensitive data on PCI-compliant servers.
Our PostgreSQL databases offer continuous rollbacks, so we can quickly recover from a database failure. Regular snapshots of the database are also taken and securely moved to a separate data center so that we can restore them elsewhere as needed, even in the event of a regional Heroku or AWS failure. All backups are encrypted and transferred to an external data center while preserving data residency (Europe) using a secure TLS connection.
After a 30-day window, with the exception of any information that we are legally required to retain, an automated process deletes or anonymizes all data in the platform related to the expired contract.
Server logs are retained for 7 days, though they do not contain any personal or sensitive/confidential information. Only our CTO and Security Team are able to view the server logs.
In the event of a data breach, we would notify affected customers within 72 hours of becoming aware of the breach. In the event that personal data was involved, we would also notify the governing body for data privacy in Germany, where Perdoo is subject to GDPR.
We have two-factor authentication (2FA) and strong password policies for all services that our employees use. These include Slack, Intercom, AWS, Heroku, GitHub, and Google. We also encrypt the hard drives on all the laptops used within Perdoo by our employees.
Employee laptops are encrypted before the employee receives the laptop. Apple devices use FileVault 2, and Linux devices use dm-crypt with LUKS. Additionally, we’re mainly on Apple, which is substantially harder to attack than Windows.
All new Perdoo staff undergo data security training and we conduct reference checks for all new hires.
There is only one employee with access to the production databases: our CTO. This is purely for Engineering purposes and access times are kept as low as possible.
Access to our admin panel, where employees can gain access to customer accounts, is limited to only those employees who require access. Perdoo employees are not able to access customer accounts without explicit confirmation from the customer that they are happy to grant access to the account. Access to our admin panel is audited monthly and is granted based on the principle of least privilege: requests must specify the level of permissions the individual needs, and access is time-bound. Relatedly, Perdoo employees’ rights within third-party tools are granted based on the principle of least privilege – employees do not have administrative rights unless completely necessary.
All Perdoo employees must use the 1Password password manager to ensure password security across all applications and website logins. For detailed information on 1Password’s own security, please read this article.
All employees are also trained to tackle social engineering attacks. In addition, as we’re a small team, it’s very difficult for someone to pretend that they are someone important from another business division.
Physical access to our office locations
Even though we do not rely on physical locations to process customer data, our office spaces are extremely secure. There is always an authorized person on the front desk, there is 24/7 CCTV across the building, the building makes use of sophisticated alarm systems, and all employees access the building using keycards. These keycards are “blank” – they do not contain the employee’s name, company logo, or building address.
Within the Perdoo Product, there are three user roles that determine the permissions of each user in the platform. Administrators can assign roles when inviting new users to the platform, or when editing a current user. Administrators can see the Last Activity and role status, and can deprovision users from a central administration interface in the Perdoo application.
We offer Single Sign-On via Google and SAML. Clients can enable Two-Factor Authentication with all types of SSO. Automatic user provisioning can be accomplished via all types of SSO. Additionally, authentication tokens for SSO are signed and verified with a SHA-256-grade cryptographic hash function.