At Harmony Lists, protecting customer data is a top priority. We take the responsibility of securing it very seriously.
Harmony Lists’ architecture is built to be secure and reliable. API access is done at the local level using an API key that is protected from public access. Communications to and from our Mailman servers occur over secure channels: SFTP, SSH, and SSL.
Our applications are hosted by Linode with the following certifications:
SOC 1 Type 2
SOC 2 Type 2
HIPAA Type 1
For more information, please see the relevant Linode security page:
Harmony Lists’ payment and card information is handled by Authorize.net, which has been audited by an independent PCI Qualified Security Assessor and is certified as a PCI Level 1 Service Provider, the most stringent level of certification available in the credit card payment industry. Harmony Lists does not typically receive credit card data, making it compliant with Payment Card Industry Data Security Standards (PCI DSS) in most situations.
Site Continuity and Disaster Recovery
Harmony Lists’ architecture is built with fault tolerant capability. Any cloud server environment that is detected as failing will initiate a migration mechanism that will move the failing cloud server to a more reliable and stable hypervisor environment.
Firewall and Encryption
Our servers are protected by firewalls and malware scanners. All Harmony Lists web traffic is served over HTTPS. We force HTTPS for all web resources.
Our SMTP servers support upgrading connections to TLS encryption.
Harmony Lists retains development and testing systems that are fully isolated from the production environment.