We understand the importance of your data and we go above and beyond to protect it.
In this article
How we protect your account
We keep an eye on your account to ensure it's only accessed by you, and the people you've invited to view information.
We proactively monitor user activity for suspicious activity
In addition to our normal checks, we employ external services including Castle and Papertrail to keep an eye on user activity and warn us if it's out of character or suspicious. This means that even if your account is stolen, we can get alerted and lock out the attacker before they have a chance to view anything sensitive.
We monitor for phishing attempts
We use email for critical portions of our system and to keep you informed about your account. We believe in strong email security, so all of our email is signed and validated so your email provider can be certain it came from us. In addition, we use modern standards like DMARC to work with your provider to prevent phishing emails from ever reaching your inbox. Gust Equity Management will never ask you for your password.
We encourage two-factor authentication
We partner with Authy to provide secure two-factor authentication to all accounts. You can enable this on your account settings page, and it provides an extra safeguard to your account.
How we protect your data from the world
We know that the data you enter into our system and it confidentiality are core to your business, so we endeavor to keep that data safe and secure at all times.
Your data is encrypted
Everything that you send to our system, or that we send to your browser, is encrypted with the latest standards and the highest grade security that your system will support. Every page we serve is over SSL, and we monitor the latest developments in browser and server security to upgrade our connection security when possible. If we cannot make a secure connection to your browser, we require you to move to a more secure browser (sorry older browsers!).
Our servers are behind a strict firewall
We host on Amazon Web Services, and use their Virtual Private Cloud features to ensure that the machines that store your data are inaccessible to the rest of the world. In addition to the firewall and networking restrictions, the AWS data centers provide a strong layer of physical security to ensure that no one can reach the machines that host our service.
We do access rights checks at the deepest level
Most services have a database user with rights to all account data that is responsible for only showing one users data. At Gust Equity Management, when you connect to our service you authenticate in the database, and our database restricts the information you can see based on your authentication. This means that no account on our website can see all user data and provides a deep layer of authentication and authorization before any data is made available.
How we protect your data in the system
In addition to the traditional "security" aspects of protecting your data, we believe that your data is always yours.
Your data remains your possession
While we're providing a number of tools and efficiencies on top of your data, the underlying information is always yours. As per the Terms We have features built-in that allow you to export your data and documents from our system. We want you to use our service because its useful to you, not because your data is locked up in it.
All data access is logged
Any view, creation, or modification of data in our system is logged by who and when. This means that nothing changes without a record, which can be investigated by our staff only on request.
What if Gust Equity Management goes out of business?
If this should ever happen, every user will be given advance warning and instructions on how to download the entirety of their data and documents.