Otherboard offers world class, industry leading security. Your data is safe with us.
Secure Data Hosting
Otherboard’s data is hosted securely with Amazon Web Services (AWS).
Otherboard Development Team
Otherboard’s engineers are trained and required to use standard best practices in all aspects of development and maintenance of data including NIST and CIS Benchmark standards.
All payments are processed using the Stripe Financial Services Company, an industry leader in secure payment processing. Stripe maintains the strictest security protocols which can be reviewed on the Stripe Security Page.
All data secured and protected by Otherboard is encrypted in transit and in rest using 256-bit encryption. Members of the Otherboard team maintain zero-access to raw customer data including any endpoints related to site size, site monetization or site rankings. Your data is completely, 100% encrypted – no one will have access to it.
Otherboard use a UK based company called Plausible to provide cookie-free analytics that maintain the privacy of our users. Plausible is a lightweight and open-source website analytics tool that is fully compliant with GDPR, CCPA and PECR.
Otherboard is secured using the above Data Encryption standards. Our API and other endpoints are TLS/SSL based with HSTS enabled and are regularly tested to ensure security.
The Otherboard security team maintains Framework Security with multiple security tools which help mitigate exposure to malicious attacks including SQL Injection (SQLi) and Cross Site Scripting (XSS) among other commonly known risks.
DDoS Mitigation and Protection
Otherboard uses Cloudflare and Amazon Web Services to prevent DDoS attacks with multi-layer protections built in.
Uptime Guarantee and Monitoring
Otherboard has a 99% uptime guarantee, our uptime will be monitored and publicly available using Statuspage by Atlassian.
Otherboard keeps full activity logs with changes recorded by user level and retains (6) months of backups in a secured server space.
In the event that a data center has downtime, Otherboard will remain functional utilizing Cloudflare’s data redundancy across data centers and multiple instances of our content across Amazon’s Web Services hosting.
Virtual Private Cloud
Otherboard uses a virtual private cloud (VPC) to secure unauthorized attempts to access our data.
All development is done in a separate staging environment and code is checked prior to updates being pushed to the live environment.
If any such breach should occur, Otherboard has a trained development and security team capable of mitigating the breach. Protocols including escalation options are also included in security training among staff.
All data is consistently monitored for security and any unauthorized access immediately alerts the security team along with detailed log of changes.
Passwords difficulty rules are enforced and passwords are stored using PBKDF functions to ensure strong encryption.
Two Factor Authentication
Otherboard utilizes Two-Factor Authentication (2FA) to ensure sign in is secured with an additional device requirement through a variety of Time-Based One-Time Password (TOTP) apps including Authy and Authenticator.
Permissions Based User Roles
Otherboard uses Roles-Based Access Controls (RBAC) to limit and protect information based on accessibility. The following table is a list of the Admin Role, Team Manager Role and Collaborator Role along with their current permissions.
|Set-up Integrations with Services||✅||❌||❌|
|Create new projects||✅||❌||❌|
|View Revenue Data||✅||❌||❌|
|View Analytics Data||✅||❌||❌|
|Add Additional Administrators||✅||❌||❌|
|Add Team Managers||✅||❌||❌|
|Create a new WordPress Post||✅||✅||❌|
|Publish/Schedule WordPress Posts||✅||✅||❌|
|Account Settings Access||✅||✅||❌|
|WordPress Post Phase Management||✅||✅||✅|
|Calendar View Access||✅||✅||✅|
|SEO Notifications/Ranking Data||✅||✅||❌|
|Team Chat Notifications||✅||✅||✅|
|Edit Image Alt-Text||✅||✅||✅|
|Edit Yoast/Category Selections||✅||✅||✅|
|Contribute to Team Chats||✅||✅||✅|
Non-Disclosure Agreements (NDAs)
All members of the Otherboard team are held liable by signed NDAs to protect confidentiality.
All employees of the Otherboard team have submitted to and been cleared by extensive background checks which include criminal, drug and financial checks.
HR and Training
The Otherboard team is trained for their roles extensively while being monitored prior to being given any direct access to parts of the framework. Human Resources is available to all members of the team who ensures a safe and respectful workplace while maintaining employee records in a secure way.
Information sharing at Otherboard is on a strict need-to-know basis with the Development, Design and Marketing teams.
Permissions among the Team
Permissions and access are limited to only what information is needed by a team member to complete the tasks assigned to them.
Secured Team Access
Team Members utilize strong password requirements be maintained in an encrypted software program in addition to the use of Two-Factor Authentication (2FA).