Last updated: Oct 12, 2020
RedisGreen and Stovepipe Studios make the security of your servers and your data our top priority. Our systems were designed from the ground up to be isolated, secure and reliable, while maintaining the high availability your applications need.
RedisGreen allows you to choose between major branches of database software in order to opt-in to new or different database features, but you never need to upgrade or maintain patchlevels yourself.
RedisGreen's team regularly reviews security advisories and rolls out automated patches to your database and underlying system software without disrupting your application.
RedisGreen does not store any credit card information from customers. Braintree processes payments and stores all payment information. Braintree is an independent, audited, PCI-compliant service.
RedisGreen is committed to the privacy of individuals.
RedisGreen operates in compliance with the principles of GDPR, LGPD, and other laws and regulatory frameworks designed to safeguard individual privacy. We carefully review and document how data is processed on behalf of our customers.
Customers can request a Data Processing Addendum (DPA) by contacting email@example.com.
All RedisGreen databases support TLS, and can be configured to only accept connections via TLS. Your RedisGreen account can be configured (in the "Default Settings" menu) to only allow connections via TLS for all resources.
RedisGreen's roots are kept securely offline. Certificates served up by RedisGreen databases are signed by an intermediate certificate authority.
Details on configuring TLS connections are integrated into your RedisGreen dashboard. A copy of our root cert which can be used to verify RedisGreen connections is available here:
RedisGreen's primary physical infrastructure runs on Amazon Web Services secure data centers. AWS's data centers are accredited by:
Physical and infrastructure-level security, including access control, power redundancy, fire suppression, climate and temperature control, are all maintained by AWS to the state of the art.
Our web dashboard and control plane applications undergo regular vulnerability scanning and source code reviews to assess the security of our systems.
We welcome third party vulnerability reports and take them seriously. Please see "Vulnerability Disclosure" below if you have found something that needs our team's attention.
All web application traffic is restricted to TLS/HTTPS only.
All systems at RedisGreen have a regular cadence of updates so no patch is left behind.
All communication with your RedisGreen databases is optionally encrypted, see "Transport-Layer Security" above.
Database backups are encrypted in transit and at rest.
Stovepipe Studios and RedisGreen employees never access the contents of RedisGreen databases unless required for support reasons. Staff may log into your account to reproduce bugs or problems, and will look at summary reports on the performance of database queries as part of routine monitoring.
When working on support issues we try to respect your privacy and avoid accessing any information stored in your database unless needed to resolve an issue.
All privileged employee devices which may for support reasons need to access customer data use disk-level encryption and regular security update policies.
All Stovepipe Studios employees agree to all company policies as a condition of employment, including our security and privacy policies.
We appreciate help in disclosing any security issues to us in a responsible and ethical manner.
To report a security vulnerability, the RedisGreen security team can be reached at firstname.lastname@example.org. Security is our top priority at RedisGreen; we will be in touch with you as soon as possible.
You may use the following public key to keep your message safe: