The security of our site is managed on multiple levels including Physical, Network, Host, Software, and Application-level Security. In general, we don't like to expose much information about our security practices, because it only helps the very people we're securing ourselves against. But we realize security is very important to you, so we've decided to carefully post some points we feel are most important for our customers to know.

• Benchmark Email servers are hosting behind private networks are have multiple firewalls. There are also network based intrusion detection systems in place.
• Data for all sensitive pages are communicated using Secure Sockets Layer (SSL). These include login and credit card related pages. Users may consult their web browser's address or location bar to determine if the currently accessed page is encrypted via SSL.

• We have a highly trained team to ensure all security patches, product upgrades, vulnerability issues are handled for our servers.
• We analyze our network usage logs for irregularities and suspicious activities. All red flags are addressed immediately within the system
• All infrastructure access is limited to a few authorized users only. All machines and servers required passwords. We have a strong password guideline which required minimum characters and have been kept case sensitive. These passwords are expired regularly.
• All ports and services which are not required are disabled. We have set policies for managing and accessing our servers, and any variances are closely monitored. We have setup alerts to inform us of any unusual level of activities running on our servers.

• We follow strict Quality Assurance practices in our software development process. Changes to our business logic and core modules is carried out under the supervision of our senior engineers. All changes are source controlled and our processes are reviewed regularly to constantly find out weakness and improve our current systems.
• Our site is reviewed by third party vendors like Macfee for security vulnerabilities. Any suggestions found are addressed on priority.

• The user accounts are restricted by usernames and passwords. The password is generally never reflected on the website.
• All login pages pass data via SSL
• Access to the Benchmark Email API is protected from brute force