Data Handling Procedures
Last modified: June 9, 2020
BlackBoiler does not share any data provided by its clients with any 3rd party. All data is secured in a data silo accessible only by the client and necessary BlackBoiler staff.
BlackBoiler uses AWS cloud infrastructure for SaaS services, data processing and data storage. Access to those resources is secured via VPN, secure tokens and whitelists. Only approved BlackBoiler employees are given tokens enabling access to these resources and then only from known IP addresses.
All data stored at rest is encrypted with AES256.
BlackBoiler transfers all data across secure connections via SSL connections between servers and between BlackBoiler servers and client machines.
Data provided by clients is stored on a secure AWS server. In some instances, individual client files may be temporarily downloaded onto a BlackBoiler employee’s encrypted hard drive for testing purposes.
BlackBoiler does not, in the normal course of business, print customer data. However, any hardcopy data is stored in locked filing cabinets when not in use, and destroyed when no longer needed.
BlackBoiler uses AWS cloud services for its infrastructure. In order to secure client data, BlackBoiler uses multiple levels of access control as well as application and infrastructure monitoring. Please request a security sheet if more information is needed.
For additional questions and/or concerns please contact:
Jonathan Herr, Co-Founder & CTO