Using a 256 bit encrypted SSL connection, your error messages are shipped off securely to elmah.io's powerful infrastructure, without you having to worry if someone else is watching.
With our PCI compliance, you can trust elmah.io with your credit card details. PCI is created by Visa, MasterCard, American Express, Discover and JCB to ensure that we are running on a secure environment.
We want to be 100% transparent about what personal data we collect and how we handle it. GDPR is something that we take very seriously and we document everything on our GDPR wiki.
Running on Microsoft Azure does not only make elmah.io run fast and scale to the daily needs. It also comes with a whole range of security features built in, like DDOS protection.
Whether we like it or not, hardware failures happen. All of your data is backed up in a data center located in another geographical region. This allows us to fail over to a new region in case one or more of our data centers goes down.
When we use the word retention, we actually mean it. Where a lot of companies soft delete data to keep them around for statistical purposes, we never keep your data longer than specified in each plan.
The elmah.io client automatically obfuscates passwords to avoid shipping sensitive data. The customizable obfuscation process in combination with message hooks, allows you to remove sensitive data before messages hit elmah.io.
All of the internal communication on the elmah.io platform, happens through a VPN. If a hacker would ever be able to penetrate the system, he/she will not be able to inspect the connections between components.
While most of elmah.io is running on various Microsoft Azure features, we still need virtual machines. All of the machines are using a firewall and only spoken to through a secure connection.
We use an external partner to carry out continuous penetration tests. Tests like these are essential to make sure that security bugs are found and fixed fast.