Security - Skylight - Project Management, Tasks, Time Billing and Invoice Web App For Business

Security

Skylight Security & Safety Guide

As a Skylight Business customer you can be confident that we handle your personal information and data responsibly and in line with good security practices. Following are brief details about security and safety.

Privacy

Skylight maintains a comprehensive privacy program. To us, this means that although we are required by law or regulation to do certain things, we are continually evaluating whether we can and should do more.

  • We do not sell the personal information of our customers to third parties.
  • We have a bounty based venerability program supported by processionals
  • We are members of ICO Information Commissioner's Office and abide by EU/UK data protection laws  read more details here:
  • You can find our privacy policy at: http://skylightit.com/about/privacy-policy/

Hosting Environment

We use Amazon Web Services and EC2 to host Skylight's production systems. Here are some facts on AWS EC2 servers.

  • PCI-DSS Level 1 Service Provider
  • ISO 27001 certified
  • AWS is a Federal Risk and Authorization Management Program (FedRAMP) Compliant Cloud Service Provider
  • SAS-70 Type II and SSAE16
  • Read Amazon Web Services' Risk & Compliance for more information.

Encryption

Skylightit.com uses strong SSL/TLS encryption methods and key management procedures to ensure your sensitive information is protected.

  • All credit card information is encrypted with strong industry-standard cryptographic protocols such as TLS and SSL while in transit between our customers and payment gateways.
  • Credit card information is never stored.
  • Access to encryption keys is held by the smallest number of Skylight team.

PCI Compliant

As per our PCI compliance Skylight does not store any customer credit card data. The transfer between your computer and out payment gateway is encrypted by SSL/TLS.

Research and Disclosure

If you discover a vulnerability with Skylight information systems, report it to us first.

  • Do not attempt to harm Skylightit.com or secure.skylightit.com, its users, or customer's data.
  • Allow reasonable time for Skylight team to resolve the issue before publishing findings publicly.
  • Report details to security@skylightit.com or at join us at https://hackerone.com/skylight
  • Include full details and steps to reproduce.
  • Recognition by listing on the Security Wall of Fame