We take security extremely seriously. Aside from the general guidelines put forth in the CISSP certification for all-around information security, we have automated infrastructure scans for compliance, automated penetration tests (and folks who love to do so manually,) and we continuously monitor changelogs for the words “security update.”