• Resource Guru is primarily hosted on Google Cloud Platform in the United States - offering a highly secure, reliable and resilient environment. Systems automatically restart when they fail and automatically scale up when necessary.
  • The Google security model is an end-to-end process, built on over 15 years of experience focused on keeping customers safe on Google applications like Gmail and Google Apps. With Google Cloud Platform our app and data take advantage of the same security model. Learn more about Google Cloud Platform security.
  • Google Compute Engine has completed ISO 27001, SSAE-16, SOC 1, SOC 2, and SOC 3 certifications, demonstrating their commitment to information security (many Google customers use SOC 1 as an integral part of their Sarbanes-Oxley efforts and other security and compliance initiatives). Learn more about Google’s compliance certifications.

Data transmission, storage and backups

  • User data is always sent over a secure connection using 128-bit SSL encryption (the same level of encryption used by leading websites).
  • By default, Google Compute Engine encrypts all data at rest.
  • The servers on which we store personal data, and the teams that process it, are all located within the USA, European Economic Area (“EEA”) and South Africa.
  • Our data is backed up onto encrypted, redundant block storage across multiple availability zones in our data centre using a method that allows us to perform a point-in-time recovery to any time of the day.
  • It is our standard policy that we will never examine customer data unless it is absolutely necessary for technical reasons. Furthermore, personnel are not able to log into customer accounts via any user interface and, if access is ever needed to troubleshoot an issue, we will first gain consent from the relevant customer. At that point, customers are welcome to refuse. There is no other user interface available to us apart from raw data in the database which is restricted to authorized persons who only have access to the extent necessary to perform their duties.
    • Any customer data accessed by authorized persons in the performance of their duties is transferred over a secure connection and stored on encrypted hard drives.

General security

  • Resource Guru has been designed to protect against common web attacks and our systems are kept up to date with the latest software versions and security patches.
  • We perform regular security scans using an independent, third party vulnerability scanner.
  • Google intrusion detection involves tightly controlling the size and make-up of Google’s attack surface through preventative measures, employing intelligent detection controls at data entry points, and employing technologies that automatically remedy certain dangerous situations.
  • The app has a multi-tenant architecture which ensures that any data retrieved for a user during their session is scoped only to the account they belong to.
  • Passwords are stored encrypted - hashed with salt using a strong hashing algorithm.
  • Resource Guru also features a user permission system to ensure that admins can control which sections of their account users have access to.
  • We use automated code analysis systems to highlight any potential security threats and vulnerabilities.

Permissions and access control

  • We know that you need to control who has access to your data. That's why we built in some advanced user permissions which allow you to control who has access to the different sections of your account.
  • With SSO-only mode (single sign-on), you can centralise access control. When you deprovision someone in your identity provider (IdP), they will automatically lose access to your Resource Guru account. So, only the right people have access to your data.

Data privacy and protection

  • We take data privacy and protection extremely seriously. Please see our Privacy Policy for details of how we comply with data protection law. As required by the UK Data Protection Act 1998, Resource Guru is registered as a data controller with the Information Commissioner’s Office (ICO) under registration number Z3001946.

What are you waiting for?

Sign Up for your 30-day free trial now.