Download:
pdf |
pdfSecurity Statement | SurveyMonkey
Sign In
Home
How It Works
Examples
Survey Services
Help
Plans & Pricing
Security Statement
Policy Center
SurveyMonkey takes our users’ security and privacy concerns seriously. We strive to ensure that user data is kept secure, and that we
SurveyMonkey
collect only as much personal data as is required to make our users’ experience with SurveyMonkey as efficient and satisfying as
possible. We also aim to collect data in the most unobtrusive manner possible. This Security Statement is aimed at being transparent
Precision Polling
about our security infrastructure and practices, to help reassure you that your data is sufficiently protected.
User Security
SurveyMonkey Contribute
General Policies
Information
SurveyMonkey utilizes some of the most advanced technology for Internet security commercially available today.
SurveyMonkey requires users to create a unique user name and password that must be entered each time a user logs on.
SurveyMonkey issues a session "cookie" only to record encrypted authentication information for the duration of a specific session.
The session cookie does not include either the username or password of the user.
When a user accesses secured areas of our site, Secure Sockets Layer (SSL) technology protects user information using both server
authentication and data encryption, ensuring that user data is safe, secure, and available only to authorized persons
Security Statement
Passwords and credit card information are always sent over secure, encrypted SSL connections.
Requests & Forms
Accounts which are SSL enabled ensure that the responses of survey respondents are transmitted over a secure, encrypted
connection
We are PCI-DSS compliant
Physical Security
Our data center is located in a SOC 2, Type II audited facility
Data center staffed and surveilled 24/7
Data center secured by security guards, visitor logs, and entry requirements (passcards/biometric recognition)
Servers are kept in a locked cage
Digital surveillance equipment monitors the data center
Environmental controls for temperature, humidity and smoke/fire detection
All customer data is stored on servers located in the United States
Availability
Fully redundant IP connections
Multiple independent connections to Tier 1 Internet access providers
Uptime monitored constantly, with escalation to SurveyMonkey staff for any downtime
Database is log-shipped to standby servers and can failover in less than an hour
Servers have redundant internal and external power supplies
Network Security
Firewall restricts access to all ports except 80 (http) and 443 (https)
Intrusion detection systems and other systems detect and prevent interference or access from outside intruders
QualysGuard network security audits are performed weekly
McAfee SECURE scans performed daily
Storage Security
All data is stored on servers located in the United States
Backups occur hourly internally, and daily to a centralized backup system for offsite storage
http://www.surveymonkey.com/mp/policy/security/[3/13/2013 9:59:14 AM]
Security Statement | SurveyMonkey
Backups are encrypted
Data stored on a RAID 10 array
O/S stored on a RAID 1 array
Organizational Security
Access controls to sensitive data in our databases and systems are set on a need-to-know basis
We maintain and monitor audit logs on our services and systems (we generate gigabytes of log files each day)
We maintain internal information security policies, including incident response plans, and regularly review and update them
Software
Code in ASP.NET 2.0, running on SQL Server 2008, Ubuntu Linux, and Windows 2008 Server
Our engineers use best practices and industry-standard secure coding guidelines to ensure secure coding
Latest patches applied to all operating system and application files
Billing data is encrypted
Handling of Security Breaches
Despite best efforts, no method of transmission over the Internet, or method of electronic storage, is perfectly secure. Therefore, we
cannot guarantee absolute security. If SurveyMonkey learns of a security breach or potential security breach, we will attempt to notify
affected users electronically so that they can take appropriate protective steps. SurveyMonkey may also post a notice on our website if a
security breach occurs.
Your Responsibilities
Keeping your data secure also depends on you ensuring that you maintain the security of your account by using sufficiently complicated
passwords and storing them safely. You should also ensure that you have sufficient security on your system, to keep any survey data
you download to your own computer away from prying eyes. We offer SSL to secure the transmission of survey responses, but it is your
responsibility to ensure that that feature is enabled on your account.
Questions?
If you have any questions about security on the SurveyMonkey website, please email us at [email protected].
Follow Us:
Facebook
Twitter
LinkedIn
Our Blog
Google+
YouTube
Help:
FAQs & Tutorials
Contact Support
About Us:
Management Team
Board of Directors
Partners
Newsroom
Contact Us
Jobs
Sitemap
Policies:
Terms of Use
Dansk
Deutsch
English
Privacy Policy
Español
Anti-Spam Policy
Français
Security Statement
Italiano
Copyright © 1999-2012 SurveyMonkey
http://www.surveymonkey.com/mp/policy/security/[3/13/2013 9:59:14 AM]
Nederlands
Email Opt-Out
日本語
Norsk
Português
Русский
Suomi
Svenska
中 (繁體)
File Type | application/pdf |
File Title | Security Statement | SurveyMonkey |
File Modified | 2013-03-13 |
File Created | 2013-03-13 |