We adhere to industry best practices when developing applications for Geckoboard. All changes made to our applications and infrastructure are peer reviewed by a separate member of staff, and the changes are recorded in an audit log.

We have a designated team that keeps our software and its dependencies up to date, eliminating any potential security vulnerabilities. We employ a wide range of monitoring solutions for preventing and eliminating attacks to the site.

When a potential security vulnerability is reported, it is handled with the highest priority until properly addressed. You can find our responsible disclosure policy and submit a vulnerability report here.

In addition to our internal testing and Bug Bounty Program, each year Geckoboard employs third-party security experts to perform detailed penetration tests on the Geckoboard application.

Geckoboard's Business Continuity Program ensures resiliency, recoverability and contingency from significant business disruption, such as local or regional events like a natural disaster, fire, power outage, acts of malice, and technical or infrastructure disruption. Business Continuity focuses on ensuring Geckoboard's critical business functions and technologies will continue to operate despite a significant disruption that might otherwise have caused an interruption, or will be recovered to an operational state within a reasonably short period.

AWS's business continuity management plan ensures resiliency, recoverability and contingency from significant business disruption, such as local or regional events like a natural disaster, fire, power outage, acts of malice, and technical or infrastructure disruption.

We ensure that all customer account and dashboard data is regularly backed up. Access to these backups is tightly controlled, and audited.