- Authentication: User data on our database is logically segregated by account-based access rules. User accounts have unique usernames and passwords that must be entered each time a user logs on. SurveyMonkey issues a session cookie only to record encrypted authentication information for the duration of a specific session. The session cookie does not include the password of the user.
- Passwords: User application passwords have minimum complexity requirements. Passwords are individually salted and hashed.
- Single Sign-On: For our Enterprise accounts, SurveyMonkey supports SAML 2.0 integration, which allows you to control access to SurveyMonkey across your organization and define authentication policies for increased security. For more details, visit our SSO help page.
- Data Encryption:Certain sensitive user data, such as credit card details and account passwords, are stored in encrypted format.
- Data Portability: SurveyMonkey enables you to export your data from our system in a variety of formats so that you can back it up, or use it with other applications.
- Data Residency: All SurveyMonkey user data, to include Wufoo, TechValidate, SurveyMonkey Intelligence, is stored on servers located in the United States. For FluidSurveys and FluidReview, all data is stored in Canada.
All SurveyMonkey information systems and infrastructure are hosted in top-notch data centers. These data centers include all the necessary physical security controls you would expect in a data center these days (e.g., 24×7 monitoring, cameras, visitor logs, entry requirements). SurveyMonkey has dedicated cages to separate our equipment from other tenants. In addition, these data centers are SOC 2 accredited. For more information, visit SuperNAP and InterNAP. If you are looking for FluidSurvey or FluidReview information, please contact us directly.
- Connectivity: Fully redundant IP network connections with multiple independent connections to a range of Tier 1 Internet access providers.
- Power: Servers have redundant internal and external power supplies. Data centers have backup power supplies, and are able to draw power from the multiple substations on the grid, several diesel generators, and backup batteries.
- Uptime: Continuous uptime monitoring, with immediate escalation to SurveyMonkey staff for any downtime.
- Failover: Our database is replicated in real-time and can failover in less than an hour.
- Testing: System functionality and design changes are verified in an isolated test “sandbox” environment and subject to functional and security testing prior to deployment to active production systems.
- Firewalls: Firewalls restrict access to all ports except 80 (http) and 443 (https).
- Access Control:Secure VPN, 2FA (two-factor authentication), and role-based access is enforced for systems management by authorized engineering staff.
- Logging and Auditing: Central logging systems capture and archive all internal systems access including any failed authentication attempts.
- Encryption in transit: Users can determine whether to collect survey responses over secured, encrypted TLS connections. All other communications with the surveymonkey.com website are sent over TLS connections. Transport Layer Security (TLS) technology (the successor to SSL) protects communications by using both server authentication and data encryption. This ensures that user data in transit is safe, secure, and available only to intended recipients. Our application endpoints are TLS only and score an “A” rating on SSL Labs‘ tests. We also employ Forward Secrecy and only support strong ciphers for added privacy and security.
- Patching: Latest security patches are applied to all operating systems, applications, and network infrastructure to mitigate exposure to vulnerabilities.
- Third Party Scans: Our environments are continuously scanned using best of breed security tools. These tools are configured to perform application and network vulnerability assessments, which test for patch status and basic misconfigurations of systems and sites.
- Penetration Testing: External organizations perform penetration tests at least annually.
- Bug Bounty: SurveyMonkey runs a private bug bounty program to ensure our application is constantly reviewed for bugs. We take security of our platforms very serious!
Organizational & Administrative Security
- Information Security Policies: We maintain internal information security policies, including incident response plans, and regularly review and update them.
- Employee Screening: We perform background screening on all employees, to the extent possible within local laws.
- Training: We provide security and technology use training for employees.
- Service Providers: We screen our service providers and bind them under contract to appropriate confidentiality and security obligations if they deal with any user data.
- Access: Access controls to sensitive data in our databases, systems, and environments are set on a need-to-know / least privilege necessary basis.
- Audit Logging: We maintain and monitor audit logs on our services and systems.
- Backup Frequency: Backups occur hourly internally, and daily to a centralized backup system for storage in multiple geographically disparate sites.
- Production Redundancy: Data stored on a RAID 10 array. O/S stored on a RAID 1 array.
Software Development Practices
- Stack: We code in Python and run on SQL Server, Windows, and Ubuntu.
- Coding Practices: Our engineers use best practices and industry-standard secure coding guidelines to ensure secure coding, which align with the OWASP Top 10.
- Deployment: We deploy code dozens of times during the week, giving us the ability to react quickly in the event a bug or vulnerability is discovered within our code.
Compliance and Certifications
- PCI: SurveyMonkey is PCI 3.1 compliant because we store, transmit, and process credit card data.
- HIPAA: Enhanced security features are available for HIPAA-enabled accounts.
Handling of Security Breaches
Despite best efforts, no method of transmission over the Internet and no method of electronic storage is perfectly secure. We cannot guarantee absolute security. However, if SurveyMonkey learns of a security breach, we will notify affected users so that they can take appropriate protective steps. Our breach notification procedures are consistent with our obligations under various state and federal laws and regulation, as well as any industry rules or standards that we adhere to. Notification procedures include providing email notices or posting a notice on our website if a breach occurs.
Keeping your data secure also depends on you ensuring that you maintain the security of your account by using sufficiently complicated passwords and storing them safely. You should also ensure that you have sufficient security on your own systems, to keep any survey data you download to your own computer away from prying eyes. We offer TLS to secure the transmission of survey responses, but it is your responsibility to ensure that your surveys are configured to use that feature where appropriate. For more information on securing your surveys, visit our Help Center.
Due to the number of customers that use our service, specific security questions or custom security forms can only be addressed for customers purchasing a certain volume of user accounts within a SurveyMonkey Enterprise subscription. If your company has a large number of potential or existing users and is interested in exploring such arrangements, please check out www.surveymonkey.com/mp/enterprise.
Last updated: June 1, 2016.