Security

We keep your private data private

SSL Encryption

Using a 256 bit encrypted SSL connection, your error messages are shipped off securely to elmah.io's powerful infrastructure, without you having to worry if someone else is watching.

PCI Compliance

With our PCI compliance, you can trust elmah.io with your credit card details. PCI is created by Visa, MasterCard, American Express, Discover and JCB to ensure that we are running on a secure environment.

Microsoft Azure

Running on Microsoft Azure does not only make elmah.io run fast and scale to the daily needs. It also comes with a whole range of security features built in, like DDOS protection.

Backup

Whether we like it or not, hardware failures happen. All of your data is backed up in a data center located in another geographical region. This allows us to fail over to a new region in case one or more of our data centers goes down.

Data Retention

When we use the word retention, we actually mean it. Where a lot of companies soft delete data to keep them around for statistical purposes, we never keep your data longer than specified in each plan.

Remove Sensitive Data

The elmah.io client supports message hooks, which makes it possible to remove sensitive data before messages are sent to the API. You'd never want passwords in your log anyway, right?

VPN

All of the internal communication on the elmah.io platform, happens through VPN. If a hacker would ever be able to penetrate the system, he/she will not be able to inspect the connections between components.

Firewall

While most of elmah.io is running on various Microsoft Azure features, we still need virtual machines. All of the machines are using a firewall and only spoken to through a secure connection.

Penetration Tests

We use an external partner to carry out continuous penetration tests. Tests like these are essential to make sure that security bugs are found and fixed fast.