Timeline has been designed with a strong focus on security from day one. Our top priority is to safeguard your data at every level of the stack and against the attack vectors relevant to a hosted web application.
This page gives technical details of the multiple, overlapping layers of defence we use to protect your data on Timeline.
Security Overview
All connections to and from Timeline servers are protected by HTTPS (TLS 1.2 with 256-bit encryption)
Servers reside in data centres with 24/7 security staff, where access requires a key card and a biometric identifier
Data is hosted in the UK/EU region
We use Heroku by Salesforce as our hosting provider
Network & Server Security
Several layers of protection keep your data secure at the network and server level: physical security at the hosting facility, encryption of all data in transit (HTTPS), and industry-standard controls including firewalls, network vulnerability scanning, network security monitoring and intrusion detection systems.
Timeline hosts its infrastructure using Heroku by Salesforce.
More info here: https://www.heroku.com/policy/security
Heroku Data Centers
Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centers and uses Amazon Web Services (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
ISO 27001
SOC 1 (SSAE 16/ISAE 3402, previously SAS 70 Type II) and SOC 2
PCI Level 1
FISMA Moderate
Sarbanes-Oxley (SOX)
Heroku’s infrastructure provides DDoS mitigation, including TCP SYN cookies and connection rate limiting, and maintains multiple backbone connections with internal bandwidth capacity that exceeds the bandwidth supplied by its Internet carriers.
Firewalls
Managed firewalls prevent IP, MAC and ARP spoofing on the network and between virtual hosts. Packet sniffing is prevented at the infrastructure level: the hypervisor does not deliver traffic to an interface it is not addressed to. Heroku further mitigates risk with application isolation, operating-system restrictions and encrypted connections.
Controlling Access to Servers
Access to production systems is granted on the principle of least privilege.
Two-factor authentication (2FA) is enforced for all critical systems.
Securing Data
Database data at rest is protected by AES-256 block-level storage encryption.
PII is additionally encrypted at row level in the application. Storage encryption on its own only protects against loss of the underlying media; row-level encryption means that a party with read access to the database or to a backup, but without the row-level key, sees ciphertext rather than personal data.
All data in transit is encrypted with TLS 1.2.
Our databases are stored on Heroku by Salesforce on Amazon Web Services data centres. You can find more information about our cloud provider security policies here: https://www.heroku.com/policy/security
Database Backups
Continuous Protection keeps data safe on Heroku Postgres. Every change to the data is written to write-ahead logs, which are shipped to multi-datacenter, high-durability storage. In the unlikely event of unrecoverable hardware failure, these logs can be automatically ‘replayed’ to recover the database to within seconds of its last known state.
In addition to platform-wide resiliency, we run a comprehensive backup program.
Automated application database backups are taken daily, retained for 30 days, and support point-in-time recovery. Backups are stored encrypted in Amazon S3 (eu-west-1 region).
Penetration Tests
We run continuous penetration testing with Strike, an independent third-party security research firm, whose security experts continuously look for vulnerabilities in our applications.
Continuous penetration testing also improves collaboration between our development and security teams: because testing is integrated into the development process, developers learn about potential vulnerabilities early and work with the security team on remediation that fits into the normal development workflow.
Strike also provides automated scans that detect the most common vulnerability classes, including the OWASP Top 10 (SQL injection, XSS, security misconfiguration and others).
Logging
Logging is critical for troubleshooting and for investigating security incidents.
Access to logs follows the principle of least privilege. Logs are archived for one year. Logs contain no PII; they consist mostly of web server request records and telemetry data.
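Keeping PII out of archived logs is easiest to enforce mechanically, before a line is written, rather than by convention. The following Go program is an added example (not Timeline’s code) of such a scrubber applied to web server request lines: it redacts e-mail addresses wherever they appear and blanks the values of query-string parameters that commonly carry personal data or credentials. The parameter names, the redaction markers and the sample log lines are all constructed for the example.

```go
package main

import (
	"fmt"
	"regexp"
)

var (
	// Any e-mail address, wherever it appears in a log line.
	emailRe = regexp.MustCompile(`[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}`)
	// Query-string parameters assumed (for this example) to carry PII or secrets.
	// Group 1 keeps the "?name=" / "&name=" prefix; the value after it is dropped.
	sensitiveParamRe = regexp.MustCompile(`(?i)([?&](?:email|name|phone|password|token)=)[^&\s]*`)
)

// scrubLine returns the line with sensitive parameter values and e-mail
// addresses replaced by fixed markers. Parameters are handled first so that
// "?email=jane@example.com" becomes "?email=[redacted]" rather than
// "?email=[email]".
func scrubLine(line string) string {
	line = sensitiveParamRe.ReplaceAllString(line, "${1}[redacted]")
	line = emailRe.ReplaceAllString(line, "[email]")
	return line
}

// scrubLines applies scrubLine to a batch, e.g. a buffer about to be shipped
// to the log archive.
func scrubLines(lines []string) []string {
	out := make([]string, len(lines))
	for i, l := range lines {
		out[i] = scrubLine(l)
	}
	return out
}

// Constructed sample input: typical request and application log lines.
var sampleLogLines = []string{
	`10.0.0.5 - - [01/Jan/2024:10:00:00 +0000] "GET /search?email=jane@example.com&page=2 HTTP/1.1" 200 512`,
	`user jane.doe@example.co.uk logged in from 203.0.113.9`,
	`10.0.0.5 - - [01/Jan/2024:10:00:07 +0000] "POST /login?password=hunter2 HTTP/1.1" 302 0`,
}

func main() {
	for _, l := range scrubLines(sampleLogLines) {
		fmt.Println(l)
	}
}
```

The scrubber is deliberately conservative: it rewrites only what matches, so request timing, status codes and paths stay intact for troubleshooting, while the archived line no longer carries the address or credential.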
Encryption Key Management Best Practices
We follow key management best practices, including:
Never committing keys or secrets to the code repository.
Always supplying keys to the production environment as environment variables (see the Twelve-Factor App methodology and https://devcenter.heroku.com/articles/config-vars). Environment variables are readable by anyone who can inspect the app’s configuration, so that access is treated as access to the keys themselves.
Separate keys for each environment, with granular control over each.
Backing up row-level encryption keys in secure storage.
Periodically testing decryption, to confirm that the backed-up keys and the stored ciphertext are still usable together.
Centralised control of secrets and keys by the CTO.
Access to keys granted only when needed.
Transporting generated keys, when necessary, only over secure channels.
Using only reputable cryptographic libraries that are well maintained and updated, and tested and validated by third-party organisations.
Generating cryptographic keys within a cryptographic module validated to at least FIPS 140-2.
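The row-level PII encryption described under Securing Data and the key-handling rules above (key supplied as an environment variable, never in source; decryption tested periodically) fit together in a small amount of code. The Go program below is an added example, not Timeline’s implementation: it loads a 256-bit key from an environment variable, encrypts one PII field per row with AES-256-GCM, binds the row identifier as associated data so a ciphertext cannot be silently moved to another row, and exposes a check suitable for a scheduled "test decryption" job. The variable name PII_ENCRYPTION_KEY, the hex key encoding, the row identifier format and the sample values are assumptions made for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"os"
)

// loadKey reads a hex-encoded 256-bit key from an environment variable
// (a Heroku config var in production). The key never appears in source.
// The variable name is chosen by the caller; PII_ENCRYPTION_KEY below is an
// assumption for this example.
func loadKey(envName string) ([]byte, error) {
	v := os.Getenv(envName)
	if v == "" {
		return nil, fmt.Errorf("%s is not set", envName)
	}
	key, err := hex.DecodeString(v)
	if err != nil {
		return nil, fmt.Errorf("%s is not valid hex: %w", envName, err)
	}
	if len(key) != 32 {
		return nil, errors.New("key must be exactly 32 bytes for AES-256")
	}
	return key, nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptField encrypts a single PII value with AES-256-GCM under a fresh
// random nonce. The row's primary key is bound as associated data, so a
// ciphertext copied into another row fails authentication instead of
// decrypting to the wrong person's data. Output is base64(nonce || ct || tag).
func encryptField(key []byte, rowID, plaintext string) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return "", err
	}
	sealed := gcm.Seal(nonce, nonce, []byte(plaintext), []byte(rowID))
	return base64.StdEncoding.EncodeToString(sealed), nil
}

// decryptField reverses encryptField. Tampering, a wrong key or a wrong rowID
// all surface as an error rather than as garbage plaintext.
func decryptField(key []byte, rowID, encoded string) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	raw, err := base64.StdEncoding.DecodeString(encoded)
	if err != nil {
		return "", err
	}
	if len(raw) < gcm.NonceSize() {
		return "", errors.New("ciphertext too short")
	}
	nonce, sealed := raw[:gcm.NonceSize()], raw[gcm.NonceSize():]
	plain, err := gcm.Open(nil, nonce, sealed, []byte(rowID))
	if err != nil {
		return "", err
	}
	return string(plain), nil
}

// decryptionWorks is the scheduled "test decryption" check: decrypt a known
// sentinel row stored alongside the real data and compare it with the value
// it is expected to hold. A false result means the key in the environment no
// longer matches what is on disk and should page someone.
func decryptionWorks(key []byte, rowID, encoded, expected string) bool {
	got, err := decryptField(key, rowID, encoded)
	return err == nil && got == expected
}

func main() {
	key, err := loadKey("PII_ENCRYPTION_KEY")
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	// Constructed sample row: user 42 with an e-mail address as the PII field.
	ct, err := encryptField(key, "user:42", "jane@example.com")
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	fmt.Println("stored value:", ct)
	fmt.Println("sentinel check passes:", decryptionWorks(key, "user:42", ct, "jane@example.com"))
}
```

Run it with the key exported in the environment, for example `PII_ENCRYPTION_KEY=$(openssl rand -hex 32) go run main.go`. Each call to encryptField produces a different ciphertext for the same input because the nonce is random, which is why the periodic check compares decrypted plaintext rather than ciphertext bytes.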
Timeline’s Data Subprocessors
You can find a complete list of data sub processors in this document.
Payments Security
We use Stripe, a PCI DSS compliant payment processor, to encrypt and process credit card payments.
More information about Stripe’s security is available on Stripe’s own security pages.
Open Source Usage at Timeline
Our guidance on using open source software has been updated so that team members can determine which open source license types are pre-approved (acceptable) for use and which require prior review by the CTO (because their use may be unacceptable).
Team members wishing to use open source software should refer to the Blue Oak Council license list and proceed as follows:
Pre-approved (acceptable): software under license types rated Gold, Silver or Bronze, and all licenses on the Exception list, is pre-approved for use by the Legal & Corporate Affairs team.
Team members can proceed without seeking legal input.
Approval required (potentially acceptable or unacceptable): apart from the Exception list, software under a Lead-rated license type, or under a license not included on the Blue Oak Council list, requires review before use.
Team members can request a review by contacting the CTO.
Include in the issue description the details of how the software will be used, whether it will be modified, and how (if at all) it will be distributed.
Exception list (Acceptable):
WTFPL