Where is ScreenSteps hosted?
ScreenSteps is hosted on the Amazon Cloud in Northern Virginia. No other hosting options are available.
Can I host ScreenSteps on my own server?
You cannot host the ScreenSteps web application on your servers, but there are options for hosting ScreenSteps generated content on your servers. See Hosting Options for more details.
ScreenSteps follows standard security best practices. This document details our current practices. Please feel free to contact us at firstname.lastname@example.org with any questions.
All requests to ScreenSteps are made over SSL connections EXCEPT when the account user is using a host mapped domain and has not added an SSL certificate for that domain
Access to your data
There are two parts to your data:
- Log data for the application
- The text content that is stored in a database
- The image data that is stored on Amazon's S3 servers
Your database content is only accessed by people you authorize on your account. Your database content may be accessed by a ScreenSteps admin to provide troubleshooting assistance or feedback. This is only done after receiving permission from an administrator on your account.
ScreenSteps maintains application logs. These logs will contain text data that is sent from the ScreenSteps desktop application or the web application. Password data is automatically filtered out. Logs are only used by the ScreenSteps team to troubleshoot customer issues and improve application performance.
ScreenSteps uses a third party tool to aggregate log data. Please contact us if you would like more information about the vendor we use.
Images are stored on Amazon's S3 storage service. If you are working in a protected site then each image will have an expiring URL. That means that after a certain time period the URL that points to the image will need to be regenerated by the ScreenSteps application.
If you mark a site as public or enable the HTML copy feature on your site then images are stored with a public URL that does not expire.
All ScreenSteps employees receive security training and do their best to implement security best practices.
- Employees are trained in security best practices
- Computer workstations all use industry standard encryption
- All workstations have security software installed which is regularly updated
- Employees are trained to never disclose personal data to unauthorized people, either within the company or externally
- The only people who have access to personal data are those who need that data to perform their job function and/or support our customers.