User Account Security Capabilities
Passwords are stored in a salted encrypted format, unless you specify otherwise. Unless cleartext passwords are enabled, site administrators cannot see user passwords.
Administrators can require users to change their password on their next login.
Administrators can restrict access to certain IPs or IP ranges, either on a per-user or site-wide basis.
We support 2048-bit SSL encryption for all FTP and HTTP connections to the Service. This is an extremely high level of encryption.
For HTTP (web workspace) connections, SSL encryption (https://) is required for all connections. If a user attempts to connect to the web workspace via unsecured HTTP (http://), we will automatically redirect them to the secure HTTP address (https://). There is one exception to this:
If you use the Pro or Max plan and choose to use your own domain name, by default we will disable SSL via the web interface to avoid showing your users a "certificate mismatch" error.
If you would prefer to have the security over the pointed domain name, turn on the Require SSL option in the Site tab and we will redirect your users to a secured page hosted at https://yourname.brickftp.com
For FTP (file transfer protocol) connections via port 990, 2048-bit SSL encryption is supported and required on all connections.
For FTP (file transfer protocol) connections via port 21, 2048-bit SSL encryption is supported, though not required by default. You may configure your account to refuse insecure FTP connections by setting an option in the Site tab.
Files are encrypted-at-rest, with all encryption keys stored in a key-management escrow service operated by Amazon S3. (** Applies to all files uploaded after October 5, 2011.)
All of our server instances, file storage, and database hosting are provided by Amazon Web Services, a subsidiary of Amazon.com.
Amazon Web Services has achieved ISO 27001 certification and has successfully completed multiple SAS70 Type II audits.
Amazon has many years of experience in designing, constructing, and operating large-scale datacenters. This experience has been applied to the Amazon platform and infrastructure. Amazon datacenters are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two- factor authentication a minimum of two times to access datacenter floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.
Amazon only provides datacenter access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical access to datacenters by Amazon employees is logged and audited routinely.
Automatic fire detection and suppression equipment has been installed to reduce risk. The fire detection system utilizes smoke detection sensors in all data center environments, mechanical and electrical infrastructure spaces, chiller rooms and generator equipment rooms. These areas are protected by either wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems.
The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, and seven days a week. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure for critical and essential loads in the facility. Data centers use generators to provide back-up power for the entire facility.
Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Data centers are conditioned to maintain atmospheric conditions at optimal levels. Personnel and systems monitor and control temperature and humidity at appropriate levels.
Server Software Updates and Patches
Our web and file servers run the latest version either the Ubuntu Linux operating system distribution (currently, version 10.04) or the CentOS Linux operating system distribution (currently, version 5.4). Our web application is developed using the latest version (version 3) of Ruby on Rails. We use the latest version of MySQL (5.1) for our database servers.
We subscribe to the security announcement mailing lists for Linux, CentOS, Ubuntu and Ruby on Rails and install critical security updates as soon as possible after they are announced.
We install non-critical and non-security related software updates to Ubuntu, CentOS, or Ruby on a weekly basis.
Updates to MySQL are managed by Amazon, and they install critical security updates as quickly as possible.
Our web servers are automatically audited for security quarterly by McAfee SECURE, a PCI-approved Independent Scanning Vendor. We have passed their audits and they find us in compliance with their requirements.
Our servers are also automatically audited for security quarterly by Trust Guard. We have qualified for their Security Scanned seal. In order to qualify for the the Security Scanned seal, it means that we pass a thorough quarterly scan of more than 37,000 known vulnerabilities.
If our servers ever fail to be in compliance with either security audit (if, for example, a new vulnerability is discovered), we will correct the problems as quickly as possible and then request a new audit immediately.
Our servers are Amazon EC2 Server Instances.
Our servers are kept behind a firewall (configured in a default deny mode) and only the ports necessary for operation are exposed to the public Internet.
Files are hosted using Amazon's S3 Simple Storage Service. Amazon S3 provides a highly durable storage infrastructure designed for mission-critical and primary data storage.
Only Action Verb, LLC employees with a legitimate business need have the ability to log-in to our servers or databases directly.
Access is removed from employees immediately if they leave the company or no longer have a business need to access the servers.
Our billing and signup processes are also PCI-compliant. PCI is the Payment Card Industry standard for cardholder data security.
This should not be misunderstood to mean that you may store protected cardholder data in BrickFTP. We have NOT attempted to ensure PCI-compliance for the data that our customers upload.
For Maximum Security
To ensure that nobody accidentally transfers a file on your account using insecure FTP or HTTP, enable the "Require SSL" option in the Site tab. This is especially important if you are using the Pro or Max plan and your own domain name, as we will otherwise disable SSL by default on the web interface.
BrickFTP has many customers who are subject to the Health Insurance Portability and Accountability Act (HIPAA). As such, we are aware of the relevant requirements and have designed our service to be compliant with HIPAA.
BrickFTP itself is not considered a "covered entity" or a "Business Associate" and as such is not itself regulated by HIPAA. Therefore, you do not need to enter into a Business Associate Agreement (BAA) with BrickFTP. This page on the HHS website explains that a business associate contract is not required with "a person or organization that acts merely as a conduit for protected health information, for example, the US Postal Service, certain private couriers, and their electronic equivalents."
The rest of this document explains the various physical and technical measures we use to protect your data. You may refer to it in any internal auditing that you perform.
Please be sure to follow the steps in the For Maximum Security section above to ensure that you have configured BrickFTP to be compliant.
Changes and Evolution
Action Verb, LLC strives to stay up-to-date with the latest best practices, and as such reserves the right to change the exact implementation of our technology platform at any time. If we make a substantial change that affects security matters, we will alert BrickFTP™ paying customers of such change via E-Mail. Your continued use of the Service following such changes will indicate your acceptance of those changes.
This document was last updated on December 1, 2011.
Questions regarding this document should be sent by e-mail to us using our online contact form.