Data Security

At Everything Motorsports, we’re concerned about your privacy and the security of your form data. Below are the measures we take to ensure that your data is safe:

1. Everything Motorsports uses TLS 1.2/SSL encryption and is always accessed over HTTPS 100% of the time for all users.
2. Everything Motorsports submitted information is hosted securely by Godaddy, which is PCI (DSS) and ISO 27001 compliant. View Godaddy compliance information 
3. Access to our production environment is limited to select operations taff, requiring two-factor authentication to deploy updates or access a secure system for limited troubleshooting.
4. We partner with Stripe for credit card processing so that secure payment information is never transmitted or stored by Everything Motorsports. View Stripe security information. We also take measures to prevent malicious scripts on sites we are embedded in from stealing this information.
5. The Everything Motorsports architecture is unique and highly specialized for massive scale while maintaining data isolation. It does not use transactional databases and is not vulnerable to SQL injection attacks.
6. Production access credentials for storage and encryption tokens used to encrypt sensitive organization data are stored in an Azure credential store and are not stored within our own development environments.
7. All text data stored by Everything Motorsports is sanitized to prevent JavaScript injection attacks, which someone might attempt to leverage by submitting JavaScript as entry data to maliciously access other entry data by compromising our customers browsers when managing entries.
8. Sensitive data, such as Social Security numbers and other personally identifiable information, is required to be encrypted at rest using 256-bit AES encryption. It must also be protected so that it is never emailed or otherwise transmitted in an insecure way. Any field type can be encrypted and/or protected, including uploaded files and sections.
9. Everything Motorsports uses opportunistic TLS encryption when sending email to always encrypt messages when supported by downstream servers. 

We know that there are evolving threats to data security, and we will continue to refine our processes to ensure the safety of our customers’ data in Everything Motorsports.