Hundreds of companies trust SHIFT to keep their data safe and secure. We take that responsibility very seriously.
SHIFT runs on AWS, which performs incremental, encrypted backups.
All SHIFT machines limit access to the least number of people necessary to keep them up and running.
All data exchanged with SHIFT is done via the HTTPS protocol, and login communication with our servers is encrypted with 128-bit SSL encryption.
All passwords are filtered from all our logs and are one-way encrypted in the database using bcrypt.
Passwords are hached securely, and never stored as plain text.
User data is protected by role recognition and is impossible for users to view data that does not belong to their organization.
When you pay for services with SHIFT, our servers do not store your payment information.
All systems containing customer data are completely encrypted, as are backup systems.
Dedicated staff are responsible for information security and risk management.
Production infrastructure is restricted to authorized employees, and production systems are kept separate from other operational business units.
Customer data is strictly limited to authorized employees who only access it to provide customer support and troubleshooting.
We have reviewed all relevant policies to ensure that we are GDPR compliant.
We have reviewed the Right to Access and Right to be Forgotten requirements, and have amended and updated our data retention policies accordingly.