2houses Security Policy

Last updated: May 22, 2018

2houses Security policy

Your security is very important to us! Here is a summary of what we do every day to guarantee that your data is safe with 2houses.

Database Security

Customer data is stored in a dedicated database – no sharing of data between clients

Data access control rules implement complete isolation between customer databases running on the same cluster, no access is possible from one database to another

Password Security

Customer passwords are protected with industry-standard encryption

2houses staff does not have access to your password, and cannot retrieve it for you, the only option if you lose it is to reset it

Login credentials are always transmitted securely over HTTPS

Staff Access

2houses helpdesk staff may sign into your account to access settings related to your support issue. For this they use their own special staff credentials, not your password (which they have no way to know)

This special staff access improves efficiency and security: they can immediately reproduce the problem you are seeing, you never need to share your password, and we can audit and control staff actions separately!

Our Helpdesk staff strives to respect your privacy as much as possible, and only access files and settings needed to diagnose and resolve your issue

System Security

Only a few trusted 2houses engineers have clearance to remotely manage the servers – and access is only possible using SSH key pairs (password authentication disallowed)

Firewalls and intrusion counter-measures help prevent unauthorized access

Automatic Distributed Denial of Service (DDoS) mitigation is implemented in our data centers.

Physical Security

2houses Cloud servers are hosted in trusted data centers in various regions of the world (e.g. Online.net, Amazon S3,…), and they must all exceed our physical security criterions:

Restricted perimeter, physically accessed by authorized data center staff only

Credit Card Safety

When you sign up for a 2houses subscription, we do not store your credit card information

Your credit card information is only transmitted securely between you and our PCI-Compliant payment acquirers (even for recurring subscriptions)

Communications

All web connections to client instances are protected with state-of-the-art 256-bit SSL encryption

Our servers are kept under a strict security watch, and always patched against the latest SSL vulnerabilities.

Contact Us

If you have any question regarding this Security Policy, or any enquiry about your personal data, please contact us at:

2houses SA
148, Chaussée de Charleroi
6220 Fleurus
Belgium
[email protected]
TVA BE 0836 314 402