Security Policy
At Click Fortify, we prioritize the security of your data. Explore our measures, including encryption, compliance with industry standards, and advanced practices to protect your information.
Overview
This Security Policy (“Policy”) outlines the security measures ClickFORTIFY Inc (“ClickFORTIFY,” “us,” “we,” or “our”) employs to protect the content posted in private Workspaces (as defined in our Terms of Service at clickfortify.com/terms-of-service) on our website (the “Site”). Policies and procedures may evolve over time, and we reserve the right to update this Policy at any time. Updates will be posted on the Site, with a revised date at the top of this Policy.
1. Account Data Privacy
All content posted within your ClickFORTIFY account is private by default. Users not invited to join your account cannot access this data. Only authorized users added via the sub-accounts feature can view and manage your data.
2. Ownership and Access Control
Account owners retain full control and rights over all content within their account, including determining access permissions. If a user’s access is revoked as outlined on the Site, they lose access to the account and its associated data.
3. Datacenter and Database Security
ClickFORTIFY uses Google Cloud Platform (GCP) to host its software, leveraging SSAE16-audited data centers in the U.S. Encrypted snapshots are stored in geographically distributed regions for disaster recovery.
4. Account Security
Each user has an account protected by a hashed password (bcrypt). Email and password credentials are required to initiate a session on the ClickFORTIFY platform.
5. Network Security
ClickFORTIFY uses a dedicated production environment, including firewalls configured with a default deny policy, intrusion detection systems, and limited access for authorized employees. All access is logged and monitored.
6. Data Encryption
All customer data is encrypted at rest and in transit. Browser connections use TLS, and ClickFORTIFY is configured to achieve an “A+” rating from Qualys SSL Labs.
7. Security Audits
Internal code reviews and periodic third-party security audits are conducted to identify and mitigate vulnerabilities within our application.
8. Availability
ClickFORTIFY guarantees a 99.9% SLA for monthly availability and employs high-availability configurations with built-in redundancy. Automated monitoring ensures swift resolution of availability issues.
9. Privacy Policy
Please refer to our Privacy Policy at clickfortify.com/privacy-policyfor details on how we collect, use, and disclose personal information.
10. Terms of Service
For service-related terms, refer to the ClickFORTIFY Terms of Service at clickfortify.com/terms-of-service.
11. Contact Us
If you have questions about our security practices, please reach out to us via our contact page atclickfortify.com/contact-us.