Security Overview

Data protection is a priority for businesses of all sizes. In 2012, the Wall Street Journal cited this alarming statistic: “Firms with 11 to 100 employees are attacked more than ten times as frequently as the next larger tier (100 to 1000 employees).” Fortunately, Briefcase helps protect your valuable data with the ability to control user access down to the field level. And with our cloud service, your data is secured using powerful AES 256-bit encryption while hosted on our servers.

Data Segregation

The Briefcase cloud service is multi-tenant and does not segment your data from other users’ data. Your data may live on the same servers as another user’s data. We consider your data private and do not permit another user to access it unless you explicitly invite a user to share it.

User Security

Briefcase never stores your password in plaintext. When we need to securely store your account password to authenticate you, we use the AES encryption cipher with a unique salt for each credential.

While we don’t require you to set a complex password, passwords must be at least 6 characters. We limit failed login attempts on both a per-account and per-IP-address basis to slow down password guessing attacks.

User Group controls determine what the user can see and do. User Groups allow you to define what is referred to in information security compliance guidelines as Access Management.

Transport Encryption

Briefcase uses powerful, industry-standard technology to protect your networked data. Secure Sockets Layer (SSL) data encryption establishes secure connections between our server and clients. We plan to continue improving our transport security posture to support our commitment to protecting your data.

Logging Activity

The Briefcase service performs server-side event and activity logging of client interactions with our services. Typical events that are logged include:

  • Clients that connect to and disconnect from the Database Server
  • Database files opened and closed by the Database Server
  • Consistency checks performed on files that were not closed properly
  • Pre-defined errors and conditions that the Database Server detects in your configuration
  • Current property settings when the Database Server starts up, as well as settings that are changed during a Database Server session

Resiliency / Availability

We operate a fault-tolerant system and network architecture to ensure that Briefcase is there when you need it, wherever you may be. This includes:

  • Diverse and redundant Internet connections
  • Scalable system architecture
  • Redundant network infrastructure including switches, routers, load balancers, and firewalls
  • Servers engineered with redundant power, redundant network hardware, and storage deployed in a RAID configuration

We back up customer databases at least once daily and replicate those backups to two independent regions. Backups are stored for no more than 7 days and are then deleted. We do not utilise portable or removable media for backups.

Physical Security

We operate in three AWS data centers located in the United States, United Kingdom and Australia. These data centers are staffed and monitored 24x7x365. Access to the data center requires, at a minimum, two factors of authentication, but may include biometrics as a third factor.

Each of our data centers has undergone a SOC-1 Type 2 audit, attesting to their ability to physically secure our infrastructure. Only operations personnel and data center staff have physical access to this infrastructure, and our operations team is alerted each time someone accesses our cage, with a video record of the event.

Privacy and Compliance

Please see our privacy policy for further information.