Security

The most important commitment we have is to the security of your data.

This commitment touches every part of our infrastructure, our products, and our company policies.

Encryption

Encryption means that your data is encoded in such a way that to the naked eye it looks like gibberish. Any encrypted data must be decrypted in order to be read. By encrypting your data we're ensuring that only authorized parties (that's you and your organisation!) can read it.

Encryption in transit - We encrypt all data as it moves between our servers and your web browser.

Encryption at rest - We encrypt all data that's stored on our servers. This includes both the records stored in our databases and search indexes as well as any files and images you've uploaded to your database.

Bank-level Encryption - We use both SHA-256 and AES-256 encryption, the strongest encryption available.This is the same level of encryption that banks use.

Backups

Static and dynamic content editing

Think of backups like a permanent safety net for your data. We store multiple copies of every change ever made to your database in multiple locations. Whether you accidentally delete a single record, or your intern deleted the entire database again when you weren't looking -- we'll be able to find a backup and restore it. Restoring from a backup is free for all paid plans.

Redundancy

Redundancy is usually a negative word: it means no longer useful or necessary. In the data world, redundancy is very good word. A system with high redundancy means that there's no single point of failure. If any one component goes down, a redundant component can step right in with no noticeable difference. For you this means that if one database fails - other databases will pick up the workload.

Infrastructure

We use Amazon Web Services to power everything that Senca has to offer. As a Senca customer you inherit all the best practices of AWS policies, architecture, and operational processes. Amazon Web Services is considered the industry leader in cloud services and is trusted by organizations like DOW Jones, Pfizer, and the CDC. Amazon's secure data centers enable the redundancy and scaling that equates to a secure and reliable service for your data.

Policies

Security doesn't stop with infrastructure. Without the right polices around privacy and access your data can still be susceptible to human error or compromise. The same amount of attention to infrastructure and technology needs to be allocated to the people and policies responsible for running that technology. We've carefully implemented security policies around your data's privacy and about how the Senca team can access that data.

Privacy Policies

Privacy - We maintain a privacy policy here that outlines our commitment to respecting your privacy and the privacy of the information in your account. Ultimately, the data in your account is not accessible to anyone, unless you make it accessible.

Data Ownership - you are the sole owner of your data and completely responsible for it. We have no ownership of your data and can make no claims on it as long as you are following the terms of agreement.

Access Policies

VPN Access - All access by Senca employees to your data is governed by a secure virtual private network. This access is monitored and can be revoked at any time, so even a stolen laptop presents no privacy risks.

Development Silos - Senca engineers work in a development environment that is completely separated from any live data. This way no bugs or errors have even the slightest potential to affect your data.

Access Logging - Every access request to your data by a Senca employee is logged and time-stamped. We can confirm exact access by the Senca team to any data in the unlikely case that this log is needed.

Team Policies

NDA and Confidentiality - Each Senca employee signs non-disclosure and confidentiality agreements that provide legal backing for our obligation to keep your data private and confidential.

Training - Each Senca employee undergoes training and instruction on data access and privacy and how to securely handle customer requests for account or billing access.

Support Access - The Senca team will sometimes need to access your data for support services. We only do this at your request and when necessary to resolve the issue to your satisfaction.

Features

Password Protection - We protect your data with encrypted password technology, so that only authenticated users have access.

Roles & Permissions - You can assign roles for your organisation's users and define exactly which permissions each role has.

Password Encryption - All user passwords are double encrypted and hashed with a salt, which prevents dictionary attacks and adds an extra layer of security.

Version Tracking - Senca stores every change to every record (project, experiences, accounts etc) so if you need to know, we can tell you who changed what and when.

Secure Files - Option to store files behind your logins so only authenticated users can view and download those files.

IP Blocking - Optionally restrict access to your organisation to specific IP addresses or IP blocks.

Data Encryption - All data displayed in your app and updated back to the database is encrypted and secured with SSL.