Security

Security is a serious topic at Binary Lane. We constantly review our processes and software systems in conjunction with our customers to ensure that we're providing the most security environment possible.

This page provides general information about our security practices. If you have specific questions relating to security that are not covered here, please don't hestiate to get in touch.

Physical security

Our data centre uses state-of-the-art security to ensure that there's no possibility of physical access to the servers. Unauthorised personel are not allowed into the data centre at all. Servers are kept in locked cabinets that can only be accessed by Binary Lane staff.

For more on the data centre security, please visit the NEXTDC website.

Platform security

We use KVM as our virtualisation solution - a proven, reliable open source platform for virtual servers. We monitor the KVM project closely to ensure our implementation is up-to-date and the system is as secure as possible.

Our own software is 100% written in house in our office in Brisbane, Australia. We run regular defect tests and security checks over our code base.

Any sensitive communications between our system and our users is done over a secured channel.

User account passwords are stored in a salted and hashed format.

PCI Compliance

We use PayPal for our credit card processing and as required our service is PCI compliant. Credit card details are tokenised and not stored on our servers for billing purposes.

Responsible Disclosure Process

We are firm believers in responsible disclosure and are happy to work closely with security researchers and the extended software development community.

In the event that you find any security issues with your Binary Lane server or the platform as a whole, please contact us and we'll get back to you as soon as possible.

When a ticket is logged it will be evaluated by our first-line support team. If it is flagged as related to security, it will be escalated immediately to our product manager, who will assign it to the appropriate team for further investigation.

We aim to reply to all security-related tickets within four business hours.