We take security seriously at SessionLab. And for good reason: every person and team using our service expects their data to be secure and confidential. We are constantly working on bringing in state-of-the-art security practices into our product, so you can take advantage of cutting-edge features designed to safeguard your data and work to maintain your trust.
SessionLab uses authenticated logins to maintain application security and SSL for security during transmission, ensuring complete data privacy.
SessionLab infrastructure is hosted on Amazon Web Services. AWS compliance program is designed to follow international security standards and regulations while protecting confidentiality and data privacy. Data centres provide the necessary means to operate 24 x 7 and protect data from physical damage and network issues.
All of the data is backed up daily on the secure location and kept for 30 days.
When you access SessionLab, SSL technology protects your information using both server authentication and data encryption. We never store passwords as clear text – they are always hashed securely. All network communication uses TLS with at least 128-bit AES encryption. The connection uses TLS v1.2, and it is encrypted and authenticated using AES_128_GCM and AES_128_CBC, using ECDHE_RSA as the key exchange mechanism. Qualsys’ SSL Labs scored SessionLab’s SSL implementation as “A” on their SSL Server test.
SessionLab is not in the business of storing or processing payments. All payments made to SessionLab is handled by our payment service provider, Braintree Payment (a division of PayPal). Details about their security setup and PCI compliance can be found at Braintree’s security page.
It is essential that we provide a reliable service to our customers, making sure that the data you trust us to store is always available when you need it. During the past year, we reached 99.98% service uptime (the sum time when the service was unavailable during the past 365 days was decreased to under 2 hours).