Here at Alt-Gen, security is truly our highest priority.
Over 100,000 people have trusted us to keep their information safe, and we're constantly updating and improving the security of Alt-Gen to meet higher and higher standards.
- We don't store or handle any payment information. We use a secure, PCI and DSS compliant payment partner to handle all payments. Alt-Gen never sees, stores, or transmits any sensitive payment information, such as card numbers.
- We have a functioning, frequently used automation in place so that we can safely and reliably rollout changes to both our application and operating platform within minutes. We typically deploy dozens of times a day, so we have high confidence that we can get a security fix out quickly when required.
- User data in our database is logically segregated by account-based access rules. User accounts have unique usernames and passwords that must be entered each time a user logs on. Alt-Gen issues a session cookie only to record encrypted authentication information for the duration of a specific session. The session cookie does not include the password of the user.
- We regularly engage with well-regarded third-party auditors to audit our code-base and infrastructure and work with them to resolve potential issues.
- User application passwords have minimum complexity requirements. Passwords are individually salted and hashed.
All Alt-Gen information systems and infrastructure are hosted in world-class data centers. These data centers include all the necessary physical security controls that you would expect in a data center these days (e.g. 24×7 monitoring, cameras, visitor logs, entry requirements).
- Connectivity: Fully redundant IP network connections with multiple independent connections to a range of Tier 1 Internet access providers.
- Power: Servers have redundant internal and external power supplies. Data centers have backup power supplies and are able to draw power from the multiple substations on the grid, several diesel generators, and backup batteries.
- Uptime: Continuous uptime monitoring, with immediate escalation to Alt-Gen staff for any downtime.
Handling of Security Breaches
Despite best efforts, no method of transmission over the Internet and no method of electronic storage is perfectly secure. We cannot guarantee absolute security. However, if Alt-Gen learns of a security breach, we will notify affected users so that they can take appropriate protective steps. Our breach notification procedures are consistent with our obligations under various state and federal laws and regulations, as well as any industry rules or standards that we adhere to. Notification procedures include providing email notices or posting a notice on our website if a breach occurs.
Keeping your data secure also depends on you ensuring that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems, to keep any data you download to your own computer away from prying eyes.
Questions? Get in touch either via the messenger in the bottom right of all Alt-Gen pages, or shoot us an email at email@example.com