Security Policy

Last reviewed February 2020

We know how important your personal information is, which is why we employ some of the most advanced technology for Internet security available today. When you access our site through HTTPS, sensitive information you send, such as passwords and bank account numbers, are encrypted using the industry standard TLS (Transport Layer Security) protocol, commonly called SSL (Secure Sockets Layer), ensuring your data is safe, secure, and available only to authorized users in your organization.

We provide each user with a unique username that can be used to reliably track which user account triggered an action within the software. Each username has a password that is hashed with bcrypt, which prevents anyone from decrypting or recovering the password. In addition, users can log in through Google to prove they own the email address associated with their user account in Buildium. When using Google to log in, the user relies on Google’s security to safeguard their credentials.

Beyond the username and password for each user account, we also enforce the use of two-factor authentication, which helps keep each user account secure, even if a password is guessed or compromised.

In addition, we store customer data securely in the cloud utilizing Amazon Web Services or AWS. AWS is trusted by some of the largest companies and federal agencies in the world, and Buildium is working with the services provided by AWS to ensure your data is secure, utilizing advanced data encryption, hardened patched operating systems, firewalls, and world-class physical security help to prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of customer data.

All customer data is stored with Amazon RDS Encryption, which ensures that everything is encrypted at rest, including the underlying storage for the database, as well as any data in backups or replicas. AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means.
Buildium understands how sensitive your data is, and that is why we have partnered with Amazon, one of the world leaders in data storage and security. You can rest easy knowing that your company data is safe, encrypted, and protected.

Questions

If you have any questions about our Security Policy, please email us or send us a note at:

Buildium, LLC
Privacy Department
3 Center Plaza, Suite 400
Boston, MA  02108