AMA: Figma's New Pricing Model

over 6 years ago from Dylan Field, CEO at Figma

  • Benjamin L, over 6 years ago

    Can you talk about your infrastructure a bit? Security, data storage, redundancy, etc...

    4 points
    • Dylan FieldDylan Field, over 6 years ago

      Hi Benjamin,

      No system is 100% secure, but we practice stringent controls to mitigate risks as best we can. Some of our controls include:

      • 100% of communication over the Internet is encrypted using HTTPS/TLS
      • 100% of Figma application servers use encrypted hard drives
      • 100% of user files stored in Amazon’s S3, redundantly with a 99.999999999% durability SLA
      • CSRF counter-measures for all HTTP RPC methods
      • Production application servers isolated within a private network, inaccessible by the Internet
      • Production SSH keys limited only to trained operations personnel, and regularly rotated
      • Passwords are never stored except if hashed using salted bcrypt
      • Routinely revise, audit, and improve security practices

      Thanks, Dylan

      14 points