Security

Keeping our platform safe and secure is our top priority at all times. We employ multi-layer security measures across our platform to ensure the integrity of our customers’ data and to protect our system against threats.

Hosting Environment

Dryfta platform is hosted on Softlayer (an IBM company) servers.

SoftLayer platform is audited and meets all requirements for ISO 27018
SoftLayer platform is audited and meets all requirements for ISO 27017
SOC Reports – SoftLayer provides SOC 1, SOC 2 and SOC 3 reports
Softlayer PCI Compliance
Firewalls to prevent unauthorized access to the system

PCI Compliance

Dryfta uses Stripe to process credit card payments. Dryfta does not store credit card information on its servers.

Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1
HTTPS and HSTS for secure connections
All card numbers are encrypted on disk with AES-256
Decryption keys are stored on separate machines
Two PGP keys to encrypt communications with Stripe

Encryption

Dryfta platform and event websites are accessible via a 256-bit SSL certificate issued by Comodo Certificate Authority.

Dryfta latest SSL certificate report

Platform Security Assessment

All applications are regularly scanned for common security vulnerabilities including the OWASP Top Ten.
Daily Malware scan.