Security

Security is our Priority

At Sesame we take the security of our users' data very seriously. We take many industry standard measures to ensure communication and data storage are kept secure. If you have any concerns feel free to contact us at security@sesamehq.com.


Secure Communications

Our website is only served over HTTPS encrypted channels which uses SSL to protect against malicious eavesdroppers, ensuring your communications are kept secret. We also use HSTS settings to ensure your web browser knows to only communicate via HTTPS, further hardening the communication between your browser and our servers.

We take care to use the latest security practices and regularily audit our systems to patch for the latest security patches for our services.


Data Storage

We take both the security and availablilty of your data very seriously. Our databases can only be contacted within our private network and are firewalled from the public internet. We also keep daily encrypted backups both onsite as well as in a separate datacenter to ensure the safety of your data.

User passwords are hashed and salted before being stored in our database using bcrypt.


Disclosure

If you believe you have found a security issue, please get in touch by emailing security@sesamehq.com. We request that you do not publicly disclose the issue until we have had the chance to address the issue.