Assembla takes security and data integrity seriously. We provide a superior level of protection, monitoring, and redundancy to ensure that you can focus on your work instead of worrying about your data.
Physical security is provided by our data centers. Amazon EC2 is our main data center. You can review Amazon policies here.
Production access is restricted to VPN access with individual user accounts and credentials for the administrators. Our Firewalls are open for the fewest possible ports outside of necessary Assembla ports and the VPN, exposing a limited number of services. This has never been compromised.
BACKUP AND DATA RECOVERY
Assembla on-demand runs hourly backups to a public cloud provider for disaster recovery. We run real-time replication between servers in the same data center. We back up repository changes within 30 minutes to a failover server in the same datacenter, and to a disaster recovery cluster in a different datacenter.
Our VCS Enterprise plan has an option to set up automated daily backups for your repos and files (not tickets) to your own Amazon S3 account.
We place a high priority on data integrity, and keep your data in several backup locations. It helps us provide a high level of customer service. When you delete data, we maintain copies for one month, because we often get requests to re-install deleted repositories. For every bit written by you, we write it at least 16 more times for redundancy and backups.
Authentication for user services is provided by username and password submitted over SSL. You may also set an IP restriction option, via the Admin-Security page in each space, so that only users at specified IP addresses or ranges can access your workspace content.