The safety and security of Orangescrum customers data is our Top Most priority. Keeping ever increasing security threats in mind, Orangescrum conducts routine security audits by top notch experts in the industry.
Orangescrum uses physical, procedural, and technical safeguards to preserve the integrity and security of your priceless information.
Orangescrum provides a complete risk-free environment at every step of the transaction process. All credit card information transmitted, stored, and processed securely on Braintree, a PCI-compliant payment gateway.
Orangescrum uses 128/256-Bit SSL encryption, ensuring communication security over the Internet.
We use the same level of encryption that is being used by banks/financial oraganizations to secure online transactions.
All traffic to Orangescrum are automatically get scanned for harmful viruses. Data access in Orangescrum is subject to numerous checks to ensure no users from outside your company ever see or modify your data without you explicitly granting them access within Orangescrum.
Data Security and Backup
Orangescrum database is hosted in secure AWS Cloud (Amazon Web Services). All your data backed up hourly on multiple Amazon servers. Even if one server fails, your account is active with all data intact. Our endeavor to achieve 99.9% uptime, which guarantees you service continuity all the time.
Responsible Disclosure of Security Vulnerabilities
Web security is constantly evolving; It is our top priority to keep our customer's personal data safe and confidential.
Please act in good faith towards our customer's privacy and data during your disclosure. Orangescrum requests that you don't post or share any information about a potential vulnerability publicly. Also, we respectfully ask that you do not post or share any data belonging to our customers. We will not take legal actions against individuals who act in good faith and responsibly disclose a security issue.
We always appreciate your taking the time to help us find and fix security issues.
We would like to thank the following individuals who helped Orangescrum realize and fix security issues.
If you think you've discovered an issue with Orangescrum security measures, please contact us at firstname.lastname@example.org. Once we've received your message, we will investigate the issue. If you are interested in helping find the solution, let us know and we will involve you as much as we can.
NOTE: In your disclosure, please include the potential impact with screen-shot if possible, steps to reproduce the issue and page name. Also don't forget to mention your Name, Twitter/Facebook/LinkedIn/G+ ID
Orangescrum does not compensate individuals or organizations for identifying potential or confirmed vulnerabilities. Requests for monetary compensation will not be honored.