Our team is committed to building a platform that helps you collect submissions and applications easily without compromising privacy or security. Your work is safe with us.
In addition to the certification and security features listed above, here are some of the most common security-related questions we get asked.
Submittable stores data in the Amazon Web Services US East (N. Virginia) region. We use multiple availability zones within this region to ensure durability.
Data is stored using Amazon RDS. RDS provides automated backups which are retained for 35 days to enable point-in-time restores for the last month. We regularly test these backups manually in addition to the automated verification provided by AWS RDS. File attachments are stored in Amazon S3 which is designed for high durability.
We have uptime of 99.9% or higher.
Yes, all employees complete information security and HIPAA training on an annual basis.
Our developers have established a baseline for normal system activity to assist in identifying suspicious activity. This means Submittable is prepared for known attacks, like phishing schemes, but also for new, unknown threats. Alerts and intrusion detection tools let our team know if unauthorized access does occur, so that response and corrective action can occur quickly. Audit trails lead to the root cause of an attack quickly so we can make quick and informed decisions about how to respond.
If you have additional questions regarding security or requests for specific compliance documents, we are happy to answer them.