We know that your information being safe is your top priority, that's why we take pride in our partners at Amazon Web Services (AWS) to have the highest-scale systems. All data centers (including the physical access to any such data centers) for DZone Software are managed by AWS and are housed in nondescript, monitored, and video surveillanced facilities. Physical access is strictly controlled by professional security staff, and all physical access to data centers by AWS employees is logged and audited routinely to ensure peace of mind.

DZone Software's data center providers maintain ISO 27001, SOC 2 Type II, and many other certifications.

All data centers (including the physical access to any such data centers) for DZone Software are managed by Amazon Web Services (AWS). AWS’ data centers are state of the art, utilizing innovative architectural and engineering approaches. AWS has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

AWS only provides data center access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical access to data centers by AWS employees is logged and audited routinely.

AWS operates its data centers in such a way as to be compliant with a number of global certifications including ISO 27001, PCI DSS Level 1, and the EU Data Protection Directive. For more information, please see here: aws.amazon.com/compliance.

Data center physical locations and access are strictly controlled. Servers are located around the world in 6 regions:

  1. Australia
  2. Australia
  3. Asia - Singapore
  4. Canada
  5. Europe West- Ireland
  6. USA- East Coast
  7. USA- West Coast

DZone chooses its new hires carefully to fit our core values and to ensure the security of our customers’ data. Background checks, NDA, and our corporate security policy must be acknowledged upon hire and access to customer systems requires a probationary period of at least one month. Access to any system is revoked immediately when an employee leaves the company.

Many of the low level components that make up the DZone Software production infrastructure are provided by Amazon Web Services and are designed with multiple redundancies for maximum uptime.

In addition, critical systems such as DNS, load balancers and backups are run in a redundant manner across multiple data centers. At the database layer, all data is replicated in real time to a second master database. Snapshots are taken nightly with historical point in time recovery for databases.

DZone Software takes information security and privacy very seriously. Through a combination of internal controls and product features we verify the security of your data on an ongoing basis. Visit our privacy page to learn more.

The DZone Software incident response plan involves four steps – Detection, Analysis, Response, and Post-Mortem.

  1. Detection — the detection phase involves monitoring of systems, security alerts, vulnerability scanning, security code reviews, and penetration testing to detect security incidents.
  2. Analysis – the verification phase involves a multi-faceted analysis and prioritization of detected security events.
  3. Response – the response phase includes response based on the prioritization. This phase may contain early notification to affected customers, updates to customer sites, and any applicable bug bounties.
  4. Post-Mortem – the last step in the process involves recovery and lessons learned to prevent similar issues in the future. The incident response process is tested at least once a year. During the Response phase, there are provisions in case of a breach involving customer or personal data.

Amazon Web Services provides two locations in Europe that support the full range of our services including high availability, and all data is kept within the European borders.

DZone Software is committed to supporting the privacy regulations of the European community. In an effort to support the broadest range of customers possible, we work with Amazon Web Services to provide two locations in Europe – one in Ireland and one in Germany. Each one supports the full range of our services, including High Availability, and all data is kept within European borders.

Data center physical locations and access are strictly controlled. Article 29 Working Party, AWS Data Processing Addendum and Model Clauses Our hosting provider, AWS, has already obtained approval from EU data protection authorities, known as the Article 29 Working Party, of the AWS Data Processing Addendum and Model Clauses to enable transfer of data outside Europe, including to the U.S. With their EU-approved Data Processing Addendum and Model Clauses, AWS customers can continue to run their global operations using AWS in full compliance with EU law. The AWS Data Processing Addendum is available to all AWS customers that are processing personal data whether they are established in Europe or a global company operating in the European Economic Area.