AMA: Figma's New Pricing Model

over 6 years ago from Dylan Field, CEO at Figma

  • Dylan FieldDylan Field, over 6 years ago

    Hi Benjamin,

    No system is 100% secure, but we practice stringent controls to mitigate risks as best we can. Some of our controls include:

    • 100% of communication over the Internet is encrypted using HTTPS/TLS
    • 100% of Figma application servers use encrypted hard drives
    • 100% of user files stored in Amazon’s S3, redundantly with a 99.999999999% durability SLA
    • CSRF counter-measures for all HTTP RPC methods
    • Production application servers isolated within a private network, inaccessible by the Internet
    • Production SSH keys limited only to trained operations personnel, and regularly rotated
    • Passwords are never stored except if hashed using salted bcrypt
    • Routinely revise, audit, and improve security practices

    Thanks, Dylan

    14 points