The Sustainability Project Security Policy
Maintaining an evolving service secure requires a constant re-evaluation of risks and actions to mitigate them.
The Sustainability Project does a reasonable attempt at keeping your information secure using time tested guidelines.
If you need to report a security vulnerability or have any questions regarding our security policy, please e-mail our security chief directly.
All of The Sustainability Project online services are hosted at Amazon. As many well-known major web sites, we rely on Amazon physical security to its data centers.
Backups are kept off-line off-site.
All communications to the authenticated service are done through SSL.
We are running latest operating system distributions and install security patches as they become available. Since you cannot hack something that is not there, we are always on the look out to remove unnecessary packages in the first place.
On top of Amazon security policies, each virtual machine is configured with its own firewall with only the minimum number of ports open.
Solely the strict minimum number of The Sustainability Project employees have shell access to the The Sustainability Project infrastructure.
We monitor all access and attempted access to the virtual machines that provides The Sustainability Project service.
Credit card safety
When you refill an Organization credit, we do not store any of your card information on our servers. It's handed off to Stripe, a company dedicated to storing your sensitive data on PCI-Compliant servers.