Your browser is no longer supported! Please upgrade your web browser now. Learn More

Security & Privacy

All data stored on Harvest is safe, secure, and reliable. For us, it’s the only way to do business.

Get Started Now

How We Keep Your Data Safe

All Harvest accounts use SSL-encrypted connections by default — the same level of security used by online banks. You never send or receive sensitive information in plain-text. Additionally, industry-standard physical and remote security is administered at datacenter facilities.

How We Keep Your Data Safe

Serious Privacy

Harvest is certified by TRUSTe, an independent privacy services provider, to ensure your privacy is protected. You can review our Privacy Policy for further information.

Serious Privacy

How We Stay Reliable

Harvest achieves an average 99.9% uptime. Here are a few things we do to ensure we stay available for you whenever you need to access your information:

  • Network connectivity is provided by multiple top carriers.
  • All data is protected by hardware RAID over multiple data storage units.
  • Critical servers have redundant power supplies.
  • Critical components are deployed in at least redundant pairs.
  • All backups are replicated to at least 2 physical datacenters.
  • All backup systems are tested biweekly.
  • Backups occur once daily at a minimum, with many occurring twice daily.

Industry Standard Security

Harvest systems and processes adhere to industry best practices in security, including the following:

  • Encrypted inter-server and inter-datacenter communication.
  • Sensitive data encryption in the databases.
  • Tightly firewalled and monitored servers.
  • Strictly controlled access to servers or customer data.
  • Immutable audit trail for support-related data access.

Responsible Security Disclosure

Harvest has an engaged developer community and we value the role played by third parties in Internet security. Our customers trust us with their data and we take this trust extremely seriously. The following process is in place for any person or organization to report vulnerabilities in the Harvest service:

  • Email a complete description of the issue to security@getharvest.com. Include code samples and as much detail as possible.
  • The Harvest security team will acknowledge receipt of the email promptly and investigate.
  • Most reports will take less than 24 hours to investigate and determine a course of action.
  • Be responsible and retain the private nature of this disclosure until the Harvest security team has responded to your submission with a timeline of any mitigation underway.
  • Harvest does not persue any action against parties who disclose issues through this process.
  • Harvest does not compensate disclosing parties for submissions.