Data Security
TRACT Forestry Software was founded in 2016 and has been serving forestry operations since. Security, reliability, and data integrity are at the core of everything we build.
Bank Level Security
TRACT™ utilizes bank-level AES 256-bit encryption for all communications and all data processing is performed on servers isolated from direct access to the Internet. Our infrastructure is deployed on ISO 27001 certified cloud providers with continuous security monitoring, firewall protection, and intrusion detection systems.
Infrastructure & Hosting
TRACT™ uses GitHub, Cloud 66, and Amazon Web Services to store, release, backup, manage and host its services, along with several applications that help with scaling, notifications, performance, debugging, and diagnostics including AppSignal.
Cloud 66 deploys and manages our application on our own cloud servers — meaning your data runs on infrastructure we control, not on shared third-party platforms. Our infrastructure providers maintain SOC compliance: Cloud 66 is SOC 2 compliant, AWS holds SOC 1, 2, and 3 certifications, and our database provider CrunchyData (now part of Snowflake) maintains SOC 2 compliance.
All infrastructure is deployed on ISO 27001 certified cloud providers. Cloud 66 provides built-in two-factor authentication, team-based access controls with granular permissions, and detailed audit logs for every action taken on the platform. Server delete protection is enabled by default to prevent accidental data loss.
Your code and data never pass through Cloud 66’s own network — it runs entirely on your dedicated cloud servers, providing full isolation and control over your sensitive forestry and financial data.
Database Security
TRACT™ runs on CrunchyData PostgreSQL databases (CrunchyData was acquired by Snowflake), providing enterprise-grade database security and management. Automated backups run daily with point-in-time recovery available. Database connections are encrypted using SSL/TLS, and data at rest is protected with AES 256-bit encryption.
Automated health checks monitor your databases and servers around the clock. When an issue arises, automated failover processes restore your services to health with minimal downtime.
Business Continuity & Disaster Recovery
TRACT maintains a formal disaster recovery plan with defined objectives and regular testing:
- Recovery Time Objective (RTO): Less than 12 hours
- Recovery Point Objective (RPO): One day or less
- Testing: Quarterly restore tests and annual disaster recovery simulations
- Automated Recovery: Application auto-restart on failure with automated failover
- Geographic Flexibility: Ability to redeploy in alternate Cloud 66 regions if needed
- Post-Incident Analysis: Comprehensive reviews after every incident to continuously improve our systems
In the event of an outage exceeding 30 minutes, customers are notified promptly with a post-incident report delivered within 72 hours.
Additional Services
We maintain comprehensive logging with built-in log management and monitoring. Database backups are maintained with configurable retention policies and point-in-time recovery. And if your IT rules require a specific cloud-based system maintained by you, we can also support isolated environments in specific regions depending on your requirements.
Want to know more?
Have questions about our security practices or need additional information for your IT team? Feel free to contact us anytime — we’re happy to discuss our security measures in detail.