Security - Eventeny

Security at Eventeny

Eventeny was founded on the belief that managing large-scale events with hundreds of exhibitors, vendors, sponsors, and volunteers should not be stressful and burdensome. The real-time collaborative Eventeny platform empowers people to design a near-infinite number of events. From small community festivals, to managing multi-day sci-fi conventions, to powering the interactive experiences for trade shows, Eventeny is enabling event organizers from around the world to rethink decades-old event management practices.

The flexibility of Eventeny enables a range of sensitive and mission-critical use cases. As such, we consider privacy and security to be the core functions of our platform, as well as foundational requirements for all new feature development. Earning and keeping the trust of our users is our top priority, so we hold ourselves to the highest privacy and security standards.

When you visit the Eventeny website or use one of the Eventeny features, the transmission of information between your device and our servers is protected using 256-bit TLS encryption. At rest, Eventeny encrypts data using AES-256.

Eventeny servers are located in the US, in data centers that are SOC 1, SOC 2 and ISO 27001 certified. Eventeny's data centers have round-the-clock security, automatic fire detection and suppression, fully redundant power systems, and strict controls for physical access.

We regularly install security updates and patches to keep servers up-to-date. Servers are segmented based on role and protected using restrictive firewalls.

Eventeny utilizes industry-leading Amazon Web Services (AWS) hosting infrastructure. Backups are geo-redundantly replicated across multiple availability zones for data durability. Eventeny maintains business continuity and disaster recovery plans. Components of the disaster recovery plan include multiple site operations playbooks, which are regularly reviewed and rehearsed. Eventeny implements extensive service monitoring, and our operations team is on call 24x7x365.

Within the Eventeny product, team permissions can be managed at the event level or the organization level. These permissions allow you to control who you share events or organizations with and whether they can modify the events or organizations that you've shared with them. Eventeny also enables you to restrict access to an event, organization, or view private link.

Eventeny also saves record-level revision history of the changes made to each record.

Eventeny vets employees and performs background checks in accordance with local laws. Employees complete annual training which covers topics such as data privacy, information security, and password security.

Employee workstations are configured with full-disk encryption, strong passwords, and automatic locking. Employees are prohibited from installing unauthorized software or using portable media.

Eventeny maintains separate production and testing environments.

Eventeny runs automated application-level security scans on a daily basis, package dependency security advisory scans on a weekly basis, and endpoint scans on a monthly basis. In addition to internal scans, Eventeny commissions external penetration tests on a regular basis.

As part of the software development process, code and configuration changes are thoroughly reviewed. Before being deployed, these changes are tested during the quality assurance process to help ensure a consistent experience across all devices, platforms, and browsers that are supported by Eventeny.

Your data is yours. Eventeny does not sell or rent any customer information or information provided to the service. For more information, please review our Privacy Policy.

At any time, you may export data from Eventeny to CSV files.

If you believe you've discovered a security-related issue, please contact us at security@eventeny.com.