Security Overview

Updated on June 9, 2021

Security Overview

We protect your data.

All data is written to multiple disks instantly, backed up daily, and stored in multiple locations. Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure.

Your data is sent using HTTPS.

Whenever your data is in transit between you and us, everything is encrypted, and sent using HTTPS or other encrypted tunnels when communicating whether outside or inside our Infrastructure. Outside connections are authenticated using JWT tokens or API tokens.

Any files which you upload to us are stored and are encrypted at rest. Our application databases are encrypted at rest — the information you add to the applications is active in our databases and subject to the same protection and monitoring as the rest of our systems.

Full redundancy for all major systems.

Our cloud servers — from power supplies to the internet connection to the air purifying systems — operate at full redundancy. Our systems are engineered to stay up even if multiple servers fail.

Sophisticated physical security.

Our state-of-the-art servers are located in a Google data center protected by biometric locks and round-the-clock interior and exterior surveillance monitoring. Only authorized personnel have access to the data center. 24/7/365 onsite staff provides additional protection against unauthorized entry and security breaches.

Regularly-updated infrastructure.

Our software infrastructure is updated regularly with the latest security patches. Our products run on a dedicated network which is locked down with firewalls and carefully monitored. While perfect security is a moving target, we work with security researchers to keep up with the state-of-the-art in web security.

We protect your billing information.

All credit card transactions are processed using secure encryption—the same level of encryption used by leading banks. Card information is transmitted, stored, and processed securely on a PCI-Compliant network.

Constant monitoring

We are dedicated to maintaining your account’s security on our systems and monitoring tools we’ve set up to alert us to any nefarious activity against our domains. To date, we’ve never had a data breach.

We also audit internal data access. If a B2B Ninja employee wrongly accesses customer data, they will face penalties ranging from termination to prosecution. Again, to our knowledge, this hasn’t happened.

We have processes and defenses in place to keep our streak of 0 data breaches going. But in the unfortunate circumstances someone malicious does successfully mount an attack, we will immediately notify all affected customers.

Over 7 years in business.

We’ve been around the block and we’ve seen a lot of companies come and go. Security isn’t just about technology, it’s about trust. Since 2014, we’ve worked hard to earn the trust of our customers. We’ll continue to work hard every day to maintain that trust. Longevity and stability is core to our mission at B2B ninja.

Subprocessors

We only utilize providers that have a proven track record of security, and whom we believe are the most equipped to handle our customers sensitive data. We also have DPAs in place with them to ensure that they best privacy and security standards are being used in regards to your data. For more information on the subprocessors we use and the details of the DPAs follow the links: B2B Ninja Subprocessors and Company Subprocessors.

Want to know more?

Email us at [email protected] for our security questionnaire!

Have a concern? Need to report an incident?

Please report it to [email protected]