Blue Onion Labs
- Data Encrypted In-Transit
Blue Onion Labs uses the strongest encryption products to protect customer data and communications, including 256-bit encryption over HTTPS with 2048-bit key pairs using extended validation certificates and forward secrecy support.
- Passwords Encrypted
Passwords are stored in the database and are protected with a one way encryption.
- Data Retention Policy
One Full Backup plus the prior week's Archive Logs are retained both on a database server and on a backup staging server, both in the secure production environment. In addition, every week the most recent Full Backup plus the prior week's Archive Logs are encrypted and written to a tape (tapes are utilized only in the US, digital backups are utilized in other locations). Each week's encrypted tape is retrieved by Blue Onion Labs staff and sent via secure courier to offsite vaulting. Tapes older than 90 days are returned to Blue Onion Labs from offsite vaulting and are destroyed or reused within one week; reuse deletes all existing data on the tape. Thus, Full Backups are retained on tape for up to approximately 100 days.
Availability & Reliability
- Data Redundancy
Customer information in the Blue Onion Labs’ production environment at our Hosted Service facility resides on one of several database servers. As part of our service, and included within your subscription cost, we provide complete backup protection to ensure your data is protected, retained and available to you. Backups are part of our Redundancy Protection Program but are also periodically required by individual customers where they wish to restore their Blue Onion Labs application from a prior date.
- Infrastructure Redundancy
Blue Onion Labs and our Hosting Service partners provide complete redundancy within the boundaries of specified geographies and backup support services are part of each customer's subscription. The Heroku data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, and seven days a week.
- Quality Assurance Testing
All upgrades and enhancements to the production system are tested vigorously, documented and approved for release by the heads of engineering.
- Personnel Screening
Prior to production system authorization all employees undergo rigorous screening and have to sign a non-disclosure/confidentiality agreement.
- Multi-Tenant Architecture
Blue Onion Labs is a multi-tenant system with one instance of the database and one instance of the application. It is designed to make it impossible for one customer to access another customer's data. Unlike many other on-demand applications, we do not co-mingle customer data. Therefore, each customer's Blue Onion Labs application utilizes a unique and separate set of tables within the database. It is not possible for one customer's data to be accessed by anyone other than that customer's authorized users. The Blue Onion Labs support staff cannot view your data without receiving explicit permission from the customer.
- FISMA - Moderate - Data Center
- ISO 27001 - Data Center
- PCI-DSS - Level 1 - Data Center
- SOC 1 - Data Center
- SOC 2 - Data Center
- Sarbanes-Oxley (SOX) - Data Center
- Physical Access Control - Data Center
Blue Onion Labs uses co-location facilities operated by Heroku and Google Cloud. Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.
- NamePurposeLocationContinuous integration & continuous deliveryUnited StatesOnline advertising and remarketingUnited StatesOnline advertising and remarketingUnited StatesWebsite traffic reporting and analyticsUnited StatesData hostingUnited StatesData hostingUnited StatesOnline advertising and remarketingUnited StatesPayment processingUnited StatesOnline advertising and remarketingUnited StatesPayment processingUnited StatesOnline advertising and remarketingUnited States