The organizations and businesses I work with are about people. Relationships with people (constituents, clients, members, etc.) make up the primary value of these organization or business. Safeguarding the electronic records of those relationships that are stored on the websites that I host is of primary importance in how I work.

There are no absolutes with computers and security, but I believe my hosting and development services to be appropriate to the organizations I serve, and considerably better than most comparable services. Here are a few ways that I work to maintain privacy and security for the sites I host.

1. I only use well-designed, well-maintained software.

I keep up to date with all available security patches from Drupal and CiviCRM, as well as the software stack that these run on (i.e. Apache, Mysql, PHP and Linux).

2. I run my own servers.

I only provide hosting on dedicated servers that I set up and maintain. I don't use shared servers.

3. My servers are hosted in Canada.

They are physically located and cared for in Canada, so that they are only subject to Canadian law.

4. I don't provide shell access.

Only myself and my backup system administrators have access.

5. I advise my clients about security and privacy practices.

Many security problems arise due to poor implementation of security measures that are unuseable or inappropriate for particular situations and result in users bypassing them to create worse problems.

If you require a more specific statement around privacy or security, or have any questions, please contact me.