Assembla takes security and data integrity seriously. We provide a superior level of protection, monitoring, and redundancy to ensure that you can focus on your work instead of worrying about your data.
Physical security is provided by our data centers. We have two main data centers at Cirracore (an Equinix Facility) and Amazon EC2. You can review Amazon policies here and the Cirracore policies here.
Production access is restricted to VPN access with individual user accounts and credentials for the administrators. Our Firewalls are open for the fewest possible ports outside of necessary Assembla ports and the VPN, exposing a limited number of services. This has never been compromised.
BACKUP AND DATA RECOVERY
Assembla runs hourly backups to Amazon S3, and runs real-time replication between servers and sites. We back up repository changes within 30 minutes to a failover server in the same datacenter, and to a disaster recovery cluster in a different datacenter. We call this "triple redundant." You also have an option to set up automated daily backups for your spaces & repos to your own Amazon S3 account.
We place a high priority on data integrity, and keep your data in several backup locations. It helps us provide a high level of customer service. When you delete data, we maintain copies for one month, because we often get requests to re-install deleted repositories. For every bit written by you, we write it at least 16 more times for redundancy and backups.
Authentication for user services is provided by username and password submitted over SSL. You may also set an IP restriction option, via the Admin-Security page in each space, so that only users at specified IP addresses or ranges can access your workspace content.