Security is a serious topic at BinaryLane. We constantly review our processes and software systems in conjunction with our customers to ensure that we're providing the most secure environment possible.
This page provides general information about our security practices. If you have specific questions relating to security that are not covered here, please don't hesitate to get in touch.
Physical security
Our data centres use state-of-the-art security to ensure that there's no possibility of physical access to the servers. Unauthorised personnel are not allowed into the data centres at all. Servers are kept in locked cabinets that can only be accessed by BinaryLane staff.
For more on data centre security, please visit the NEXTDC website.
Platform security
We use KVM as our virtualisation solution - a proven, reliable open source platform for virtual servers. We monitor the KVM project closely to ensure our implementation is up-to-date and the system is as secure as possible.
Our own software is 100% written in house in our office in Brisbane, Australia. We run regular defect tests and security checks over our code base.
Any sensitive communications between our system and our users is done over a secured channel.
User account passwords are stored in a salted and hashed format.
PCI Compliance
We use PayPal for our credit card processing and as required our service is PCI compliant. Credit card details are tokenised and not stored on our servers for billing purposes.
Responsible Disclosure Process
We are firm believers in responsible disclosure and are happy to work closely with security researchers and the extended software development community.
In the event that you find any security issues with your BinaryLane server or the platform as a whole, please contact us and we'll get back to you as soon as possible.
When a ticket is logged it will be evaluated by our first-line support team. If it is flagged as related to security, it will be escalated immediately to our product manager, who will assign it to the appropriate team for further investigation.
We aim to reply to all security-related tickets within four business hours.