2 comments

[ 5.6 ms ] story [ 17.7 ms ] thread
I'd like to hear more about how secure their service is. I don't want a dropbox-oops to mean that someone can read all my e-mail archives with no password.
We use OpenID and OAuth to authenticate users against Google before granting them access to anything. We encrypt everything and go so far as to use an EV-SSL cert. We use only SAS-70/SSAE-16 certified data centers, wrap our own servers in a VPN, and lock down all incoming connections. But probably most importantly, we assume a security break would be a company-ending event, and implement our controls accordingly.

Please contact me directly (charlie.wood@spanning.com) if you have any questions or run into any problems.

Thanks, Charlie Founder, Spanning