Assetti always ensures your data is securely protected.
1. All communication through the cloud is encrypted:
- HTTPS (SSL) is used for all website access;
- Login attempts are restricted to prevent brute force attacks;
- Registration emails contain single use tokens (not passwords);
- Passwords are encrypted;
- User access is controlled by configurable permissions.
2. Supporting your service:
- Assetti support agents can only access data via secure channels (HTTPS or SSH);
- Support passwords are changed regularly;
- Support agents only have limited access inside Assetti to update system settings, monitor performance and maintain licenses. They can not browse your Property/KPI/Lease/Contact/Unit information.
3. Separate data in the cloud:
- Your information is not available to other customers inside Assetti;
- Your data is stored in a separate database schema.
4. Website hacks are prevented:
- Login and access control are enforced on every page in Assetti;
- Cross site scripting (XSS) attacks are prevented;
- Cross site request forgery (CSRF) attacks are prevented;
- External SQL injection is also prevented.
5. Backing up your data:
- Daily backups are stored for the last 14 days;
- Monthly backups are stored for the last 12 months;
- Backups are made to tape and stored in a separate secure location once per week.
- Our use of your data is bound by the terms of the Assetti Service and Security Statement;
- Please refer to the attached Assetti Service and Security Statement for more details.