We take security very seriously. We have a CompTIA qualified Security+ consultant on staff. We take the following precautions:
Each client's data is stored separately on a VPS (Virtual Private Server). This prevents cross-contamination of data and prevents a heavy user from penalising the speed of a lighter user. It also means that we have access to lightning fast links to both Eventbrite and Salesforce. Data connections to the VPS are all 'outgoing', i.e. initiate by the VPS, meaning that we can protect against 'incoming' attacks - minimising the attack surface. All our server software is regularly updated against security flaws.
"Security needs to be built in from the start -- not slapped on after the fact."
Gene Spafford, at the 23rd National Information Systems Security Conference in October 2000
Communications between the Event Bridge server and Eventbrite and between the Event Bridge server and Salesforce are SSL encrypted.
Server passwords and credentials are stored in a secured, encrypted manner that requires 2-factor authentication in order to access. All passwords used are 'strong' - at least 12 character long strings of letters, numbers and other characters.
"A secure system is one that does what it is supposed to."
If you think we should be safer, tell us how!