Data and functionality on Graph is protected on several levels.
We offer SSL encryption for all requests to the platform. We require SSL encryption to access any secure section on graph.fm. We do utilize OpenSSL and, as such with the recent Heartbleed bug coverage, have ensured that all servers have the latest updates to secure them from any exposure.
When a user accesses functionality or data on Graph, they must provide 3 security keys for each transaction. Unique keys are generated for the user, each project and each plugin installed.
Our data servers are not directly accessible by the Internet. We isolate any machine contaning personal or user-generated data from the Internet. All data access requires not only local credentials that are granular to a particular data store, but also credentials for the user's account accessing them.
Do you capture data about my users? If so, how is that data secured?