Enterprise-grade security to help protect your team and your data
You trust Range to help your team stay in sync, feel connected, and get more done. Our most important job is to keep your data safe along the way.
Range undergoes regular pentetration tests, is designed to be GDPR compliant, and utilizes industry best-practice for encryption at rest and in transit.
Range is committed to ensuring that Customer Data is not seen by anyone who should not have access to it. We have audited controls and policies that govern our employees’ access to production systems.
Range uses Amazon Web Services (AWS) for the hosting of our services. AWS data centers are monitored by 24×7 security, biometric scanning, video surveillance and are SOC 1, SOC 2, and SOC 3 certified.
All Customer Data is encrypted both at rest and in transit. Services are reachable exclusively via HTTPS with TLS 1.2 or higher. We are careful to make sure no resources are loaded from plain HTTP sites. We have HSTS configured to one year. ALB certs are issued by AWS, backend certs are issued by COMODO.
Production servers and databases are hosted in a dedicated VPC and are not publicly accessible. All servers are configured with two-factor authentication and all unnecessary ports are blocked by AWS Security Groups.
Range's databases operate in multiple availability zones and have several layers of backup and replication. Primary databases have automatic backups, with point in time recovery, and additional snapshots taken every two hours and stored in a second region.
Internal processes keeps our services and applications up to date and free of vulnerabilities. Breaches will be reported within 72 hours (48 hours for Enterprise customers), externally reported vulnerabilities will be fixed ASAP.