Can my IT service provider or IT Glue employees access my passwords?
No. Your IT service provider can not get hold of any passwords that are only shared internally with MyGlue groups and users.
We also do not store your passwords anywhere on IT Glue's internal servers or where our employees can access them. All of your data is stored in Amazon’s databases using Amazon Web Services (AWS).
What security assurances does MyGlue offer?
Our business practices, physical security, application security, and infrastructure security meet SOC 2 enterprise-grade security standards for cloud-based platforms. The SOC 2 certification is extremely important as this is assurance that we use advanced security controls to prevent a data breach and provide uninterrupted service. Our certification hinges on passing regular SOC 2 audits to ensure our standardization with security best practices.
We also automatically adhere to a set of stringent security standards by using AWS as our infrastructure. Cloud security at AWS is the highest priority and AWS environments are continuously audited and monitored.
What other security settings exist?
All connections to the MyGlue application are through a 256-bit AES-encrypted internet connection. All passwords are double encrypted and hashed with a salt, which protects against brute-force attacks and adds an extra layer of security. By encrypting and protecting your sensitive data, we're ensuring that only authorized parties (that's you!) can read it.
Also, if multi-factor authentication (MFA) is enabled in your MyGlue account, then you will be prompted for an authentication code from your mobile phone before you can sign in. MFA creates a multi-layered mechanism that an unauthorized user would have to defeat in order to gain access. Taken together, these multiple factors provide increased security.