Frequently Asked Questons
Print this Article
Email this Article
We go to great lengths to make sure your data is secure. In this article, you'll learn about BigTime’s security protocols.
- What encryption protocols does BigTime support?
Currently, BigTime supports TLS 1.0, 1.1 and 1.2. Before the end of 2018 we will exclusively support TLS 1.2.
- How does BigTime protect its publicly accessible systems?
BigTime resides in a Virtual Private Cloud on Amazon Web Services (AWS). We only permit HTTP/HTTPS traffic to our web servers through our load balancers. Our databases and support systems that do not require web access are not public facing. We also rely on AWS Shield and Cloudflare to help block suspicious traffic and denial-of-service attacks.
- Is all client data encrypted?
All traffic to BigTime is served over https and all server disks are encrypted. Our snapshots, image-based backups, and sensitive data within the BigTime database are encrypted as well.
- How is administrative access to BigTime systems secured?
Administrative access to BigTime systems is only provided from our home office in Chicago, and select resources can be accessed by approved staff via a secure SSH tunnel to AWS.
- Does BigTime have a written security policy?
Yes, BigTime has a written network security policy and our compliance team meets to review and approve all changes to internal security policies.
- Does BigTime enforce a strong password requirement?
Yes, client administrators can enable a strong password requirement.
- How is user security organized within BigTime?
BigTime offers role-based permissions for login and access to projects and reports.
- I think I found a vulnerability. How do I report it?
Any suspected breaches of security vulnerabilities can be reported to firstname.lastname@example.org for review by our team. You will receive a confirmation of the receipt of your report from a member of our team.
Where to go from here:
Was This Helpful?