June 11, 2014 – Here at Dynamic Yield, we always strive to better our product – both feature-wise and behind the scenes – by improving our infrastructure. Right now we are working on adding additional security measures for our Admin application.
Dynamic Yield enables you to change your site content and/or layout with a few simple definitions within the Dynamic Yield Admin application. In order to protect your site, we have added some extra security measures, which are outlined below.
The most important thing is having all browser-to-server communication encrypted using SSL (HTTPS). You might say, “Well, that’s great, but look at the Heartbleed bug – this is a major vulnerability of HTTPS.” The answer: We went ahead and made sure our servers are using a version of OpenSSL that does not include this vulnerability.
We didn’t stop there! We also revised our login process to include a Two-factor Authentication mechanism. Passwords, unfortunately, aren’t as secure as they used to be, and if someone gets your password, they can access your account without any fuss. Even having a strong password doesn’t completely protect you. Two-factor authentication solves this problem. (Taken from LifeHacker.com)
Google’s head of webspam team, Matt Cutts, put it best:
So next time you log in to Dynamic Yield, rest assured that your website data is secure with us.