Commonly asked security questions
Do you use SSL encryption for client communication?
We use SSL encryption for credentials only. Your credentials are sent to the server encrypted. We do not use SSL encryption for any data download or upload.
Is there anything to ensure user's work will not be lost if the site is down?
VoiceThread is proud to keep a greater than 99.9% up-time over the last four years. Backups are done onsite and offsite, with the offsite backups located 500 miles from our primary datacenter. Our backups have a retention of at an absolute minimum 30 days, but differ past that depending on what type of data we're backing up.
Are passwords encrypted in storage?
Passwords are encrypted in storage. You may reset your password with a confirmation email, but we cannot see or retrieve your password.
Where client software is required to be installed or updated, will it interfere with local programs?
No client software is required because VoiceThread is 100% browser based. We do strongly encourage keeping your browsers and Adobe Flash up-to-date.
Do you apply host security standards on your servers, and check them whenever changes are made to the security configuration?
Most of our servers can only be accessed from our local network, and development servers can only be accessed from locations of our developers. We do regular security audits, follow security advisories from projects that we use, and perform patches as soon as they become available. We read security logs and monitor intrusion attempts.