Brandcast studio traffic runs entirely over encrypted SSL with Perfect Forward Secrecy, Heartbleed, and POODLE vulnerabilities and attacks mitigated (see our SSL Labs Report). In cryptography, forward secrecy (also known as perfect forward secrecy or PFS) is a property of key-agreement protocols that ensures that a session key derived from a set of long-term keys will not be compromised if one of the long-term keys is compromised in the future.
We use Strict Transport Security (HSTS) to ensure browsers interact with Brandcast studio exclusively over https. This means passwords and other sensitive data is never leaked over the network.
All passwords are hashed using bcrypt with a cost factor of 10. We don't ever store your password in plain-text. Bcrypt is a fortified cipher that is near-impossible to crack.
We do not store any credit card information. This data is handed off to Braintree, a company dedicated to storing your sensitive data on PCI-compliant servers.
Employees are required to encrypt their hard drives, utilize strong passwords, and enable screen locking.