What about Security and Backups?

Security is our #1 priority. Yammer recognizes that the confidentiality, integrity, and availability of our customersʼ information are vital to their businesses and to our own success. Application Security Yammer takes every measure to protect against the loss and unauthorized access of your data. Connection to Yammer is always over a secure channel (SSL 3.0/TLS), ensuring that the transmission of data between your computer and Yammer is never compromised. Your data is never accessible via http, and we redirect all http connections to https (SSL/TLS). User passwords stored on our servers are rendered unreadable using a cryptographically strong salted hash algorithm. Low-Level Logical Barriers between Networks Your data is private and separate from other Yammer networks. Low-level logical separation ensures that data cannot be leaked between Yammer networks, even in the event of a programming error. Data Center Security Yammer stores your information on hardened Linux servers in our enterprise-grade data center. We employ 24/7/365 video surveillance, strict personnel access controls, on-site security, and audits to keep your information safe. Any visitor to our premises must be authorized, and further authorization is required to access areas with servers, workstations, or networking equipment. As part of our strict visitor access controls, a visitor log is kept to maintain a physical audit trail of visitor activity. Data Backup and Disaster Recovery We have equipped our data center with redundant load balancers and core switches to ensure the integrity and availability of your data. Customer data is automatically backed up to a geographically separate site, and is immediately bulk encrypted (we use AES - Advanced Encryption Standard). Anti-Virus Security We deploy anti-virus software across all systems commonly affected by viruses and other malware and work vigilantly to protect against newly discovered vulnerabilities. Internal and 3rd Party Testing We thoroughly test our source code for security vulnerabilities. We run weekly internal and external network vulnerability scans, and 3rd party penetration tests are run at least quarterly and after any significant network change. We also employ file integrity monitoring software to alert personnel to unauthorized modification of critical system or content files. Logical Firewall You can restrict access to your Yammer network to a specific IP range, so that Yammer is only accessible at designated physical locations. Password Policies Set password policies for members of your Yammer network (requiring any combination of length, numbers and letters, and special characters, as well as changing passwords on a regular interval). Strong Authentication Protects against "phishing attacks" and compromise of secondary email accounts.

Sign up to vote on this title
UsefulNot useful