Beanstalk is hosted with ServerCentral in the most sophisticated data center in the Midwest. As a Type 2 SSAE 16 SOC 1 accredited facility, it contains keycard protocols, biometric scanning protocols and round-the-clock surveillance. Only authorized data center personnel are granted access and undergo multiple and thorough background security checks.
Customer data for all accounts are accessed via secure protocols such as HTTPS and SSH. Additionally, all passwords are encrypted on our servers and databases. We run a dedicated environment behind firewalls with constant internal and external monitoring. All software is updated regularly to ensure the latest security patches.
All users can setup 2-step authentication that will require a numeric code along with a password to login. Receive this code via SMS, or use an app like Google Authenticator. Secondary mobile numbers may also be provided.
Account owners can set Beanstalk to require strong passwords for all users of that account. We use advanced algorithms to make sure each password can't be easily guessed.
The best security can be compromised without proper policies. Only a select few have access to the servers where data is stored. We go to great lengths to ensure the right balance between support and a secure infrastructure. Employees can only access accounts if they have explicit permission from an account owner or administrator.
Account owners on Business Plans are able to restrict their team’s access to Beanstalk’s web interface, repositories, and API. Whitelisting can be set on a single IP or a range of IPs.
For enhanced security, we provide a list of most recent unique IP addresses from which your account was accessed. We record IP addresses for web interface, API, Git and Subversion requests and group them by username. If you suspect malicious behavior on your account, you can view this information directly inside Beanstalk. It's an added peace of mind for any team.
Beanstalk contains redundancy in as many areas as possible to avoid and recover from failure. This includes a load balanced and sharded environment with automatic recovery on physical hardware failures. Our data center includes redundancy across all aspects of potential failure including network transit, routing, and power.
Customer data is stored across redundant disk arrays with high availability failover protection. Snapshot backups are performed every minute (yes, once per minute) to local and offsite backup servers.