Security Overview

ProjectLocker is designed for businesses and others that need to keep their source code private, so we take the integrity and security of all customer data very seriously. We combine a number of approaches across our infrastructure to meet the ever-evolving challenges to security and data integrity.


Physical Security

All ProjectLocker production servers are housed in top-tier data centers with enterprise-grade security features.

  • 24x7 onsite security
  • Controlled access requiring proximity badge and/or biometric scanning
  • Video surveillance

Environmental Controls

  • Climate control
  • Redundant N+1 cooling system
  • Pre-action Fire Suppression

Power

  • N+1 UPS Battery Backup Units
  • N+1 Backup Power Generators

System-Level Security

  • All data is stored on redundant disk arrays.
  • 24/7 Server Monitoring and Support
  • All systems run recent, patched versions of underlying operating systems.
  • Non-ProjectLocker personnel are not permitted shell access for any reason.
  • Systems use a modular architecture and only expose the minimum services required.
  • ProjectLocker systems are periodically tested using vulnerability detection tools.

Connection Security

  • Connections to ProjectLocker are made via SSL and HTTPS by default
  • Connections are encrypted with public key encryption using 4096-bit private keys
  • Customers of some plans can optionally limit access to Subversion by IP address.

Backups

  • All data are backed up to offsite systems.
  • Portable customer-usable backups can be purchased upon request.