Cloud Cloud Cloud Cloud

How Wufoo protects your data

We work to keep your data secure at all times.

In the hands of experts

As part of SurveyMonkey, the world’s leading survey software company, Wufoo deploys top security resources, including the deep expertise of our security team and state-of-the-art hardware and networking analysis.
Wufoo Security-1

A true data fortress

Wufoo’s servers live in a SOC 2, Type II audited data center in the United States, with:

  • high-end surveillance equipment
  • security guards
  • biometric recognition
  • redundant IP connections and power supplies
  • encrypted offsite backups
  • …and more top-notch security features.

Best practices in coding

We keep your account secure from the backend too. We monitor sessions to restrict access to your account as appropriate, and have constructed Wufoo so that every account is isolated.

  • We have safeguards in place to detect common attacks such as SQL injection and cross-site scripting.
  • We actively review our code for potential security concerns, and  evaluate all user feedback.

We are bound to our privacy statement, which ensures your data is not misused.

Wufoo Data Security-2
Wufoo Data Security-3

Fighting against spam

Automated spam is a plague for online forms and is a major annoyance to many admins. Our Captcha integration gives you tools to ensure your users are human and our multiple coding checks along the submission process verify that your responses are coming from actual people using a web browser.

Your data stays in safe hands

We enforce the secure collection of data on all of our forms. They are served across a protected, 256-bit SSL connection that encrypts the data before it is sent to our servers, so no bad actors can read the data being submitted. We also offer encrypted data storage to select plans, with stricter requirements which you can apply to up to 5 data-sensitive fields per form.

We have backups of our backups

Disasters happen, and being prepared for them is critical for happy data collection. We consistently back up in real time, and we take 2 snapshots of your data every 24 hours and store them on site for 2 weeks. (After that, we move them to a safely stored physical backup.)

Wufoo Security-4
Wufoo Security-5

Securing our network

An outside routing layer provides us with basic filtering to handle any potential denial of service attacks. All network traffic also has to pass through one of our heavily locked-down redundant firewalls. We perform periodical scans, including quarterly PCI scans by McAfee, to look for any potential vulnerabilities in our network or publicly accessible software.

How you can help us

We need our users to be aware of their responsibilities in relation to data security. We support them with all the appropriate documentation on how to keep their account secure: When to use email versus RSS, upgrading to the appropriate account level, when to encrypt data, and how to share public files. We also seek to proactively alert users who may be collecting information insecurely.
Pterosaur Cloud Cloud Cloud

Let's make it official

We want to give you our everything (and more if you need it).

Not ready to commit? Try before you buy.

Create a Wufoo account today and build 5 forms for FREE >