We aim to keep Vend safe for everyone, and data security is of utmost priority. If you discover a security issue with Vend, we appreciate your help in disclosing it to us in a responsible manner. We'll work with you to understand and patch the issue in a timely fashion.
Responsible disclosure is the industry best practice, and we recommend it as a procedure to anyone researching security vulnerabilities.
Our systems are kept up-to-date with security patches and consistent using configuration management software.
We use multiple firewalls and VPN services to help block unauthorized system access.
We restrict shell access to our servers to a small set of Vend employees for maintenance. We use username and key authentication, keeping password authentication disabled.
Data storage & backups
We consistently replicate your data to fault-tolerant clusters of database servers. We perform full backups nightly and incremental backups every hour. Our backup strategy allows us to recover in the unlikely event of a major data incident.
We host our servers with Rackspace and Amazon Web Services, both of which hold ISO 27001 certification and their data centers protected with biometrics, 24-hour surveillance and 24x7 onsite staff providing additional protection against unauthorized entry.
Data center access is restricted to data center technicians only.
Credit card safety
When you sign up with Vend, we do not store any of your card information on our servers.