We are dedicated to providing a service that is secure and reliable. Outlined below are the various policies and procedures we have implemented to keep your data secure. If you have any questions about security issues, or if you've noticed a possible security issue, please let us know at [email protected].
Honeybadger complies with the General Data Protection Regulation, and our Data Processing Addendum (DPA) is part of our standard terms for customers in the EU. Our DPA incorporates the Standard Contractual Clauses for data transfers.
We have a standard Business Associate Agreement we are willing to execute for customers who need that agreement in place as part of their compliance process. Please contact us for more details.
Honeybadger's production infrastructure is hosted 100% at Amazon Web Services' (AWS) facilities in the us-east-1 region. Data processing takes place on EC2 instances within a VPC and via AWS Lambda. All instances and supporting services (ElasticSearch, ElastiCache, etc.) are protected by security groups that prevent public access aside from web traffic. SSH access is only available via VPN, which uses per-client certificates for authentication. Password-based SSH access is disabled. Access to infrastructure configuration via the AWS console is limited to employees with a development or operations role, and two-factor authentication is required.
File integrity monitoring, network intrusion, and antivirus software run on instances in the production environment, and logs from those systems are reviewed on a regular basis. The operations team keeps current on security issues announced for the components that make up the stack, such as Ubuntu Linux, PostgreSQL, etc.
Customer access to the Honeybadger application is protected via SSL/TLS. Users supply a valid user ID, a password (which is never stored as cleartext), and optionally a one-time-password (if two-factor authentication is enabled) to gain access. Customers can optionally use SAML SSO to provide access to team members, and the list of approved team members can be managed via the application UI. An API provided by the application can be accessed via personal API keys, which can be changed at any time by individual users. Customer data is stored in encrypted format using software supporting the Advanced Encryption Standard (AES).
The Honeybadger API is protected by SSL/TLS and is hosted on instances separate from the application to improve security and reliablity. Access is limited via per-project API keys, which can be changed in the application UI. The error data we receive via our API endpoints is purged after 180 days, and shorter retention periods can be configured in our application. Our client libraries give you control over the data you send us, and we take steps to avoid sending sensitive data (such as passwords and most environment variables) by default.
All traffic among components of our services is encrypted when traveling over public networks. Vulnerability scans are performed weekly, and penetration tests are performed annually. The development team keeps current on security issues announced for the application's framework (Ruby on Rails).
Honeybadger uses redundancy for every component that makes up the system, including load balancers, application servers, database servers, etc. Instances for each distinct service, like the main application and the database, are deployed across multiple zones with automatic failover to handle the loss of a zone. Terraform is used for deploying infrastructure, which minimizes problems caused by manually updating the production environment, and allows for changes to be tracked via git. Ansible is used for installing and configuring software on instances, making that process repeatable and trackable via git. Autoscaling groups are configured per role (application, API, workers, etc.) and use custom Amazon Machine Images (AMIs) that are preloaded with the required software, which allows for quick recovery for failed instances and scale-out for increases in workloads.
Monitoring software is used to identify and evaluate ongoing system performance, capacity, security threats, changing resource utilization needs and unusual system activity. Honeybadger follows a ChatOps approach, where all alerts are routed to Slack, so that all team members are kept up to date with the status of the system. Slack is also used for incident response coordination. Employees with a responsbility for operations are included on a weekly PagerDuty rotation to quickly respond to outages and other critical issues. The rotation also includes a backup assignment to other members of the operations team at all times. The current status of Honeybadger's systems and dependencies is always available at our status page.
The primary database is continuously backed up to S3, and restoration tests of those backups are conducted quarterly. Customer data submitted via the API is persisted to S3.
Organizational and information security policies and procedures are in place to maintain integrity and security of data processing. For example, Honeybadger has no physical offices, so individual employees are responsible for maintaining physical and logical security of their work areas and devices. Honeybadger's information security policy outlines required procedures, such as restricting WiFi networks, running antivirus software, etc., that employees follow to prevent breaches or loss of data. Other security policies, such as customer data not being allowed to be removed from the production environment, are readily available for review by employees and contractors.
All employees undergo background checks at the time of hire, and are also required to review the company handbook and code of conduct at that time. Security training is completed each year for all employees, with additional security training provided for application developers. Logical access to systems is approved and granted to an employee as a component of the hiring process, and is revoked as a component of the termination process. On an annual basis, management identifies and assesses the types of fraud and other risks that could impact the business and operations, then develops risk mitigation strategies to address risks identified during the risk assessment process.
Change control policies and procedures are in place to ensure reliable delivery of updates to Honeybadger's deployed applications. Changes are documented and tracked via GitHub issues, tested via automated tests, reviewed and approved before being deployed, and deployed via an automated continuous integration/continuous deployment (CI/CD) system. Development and test environments are physically and logically separated from the production environment.