December 23, 2016

Our Practices

We take the security of the information you trust us with very seriously. We use industry best practices to ensure our communications with you and our partners are strongly encrypted. All sensitive information is hashed or encrypted to military-grade standards. Our systems are physically and electronically secured against outside access.

  • EasyRedir marketing and management web sites use always-on TLS encryption and also use HSTS
  • all passwords in EasyRedir are salted and peppered - we never store your actual password
  • all SSL certificates and other sensitive information is encrypted with AES-256-GCM and the encryption keys are rotated regularly
  • we only use TLS connections to share information with our partners, and only as required to deliver you our service
  • source code for all EasyRedir applications and infrastructure is version controlled which enables auditing of all changes made to it
  • we only operate in data centers that have achieved ISO 27001 certification
  • our servers are isolated from the public internet and have multiple intrusion prevention and detection mechanisms in place

If you have any questions regarding our security practices, please get in touch.

Responsible Disclosure

We are truly thankful when white-hat security professionals responsibly disclose security vulnerabilities they find to us. If you would like to report a vulnerability, please email us at security@easyredir.com.