We maintain data-centers on AWS that are fully compliant with a range of certifications for industry-specific applications. We do not store any data off-site outside of AWS and do not use any off-site physical storage facilities.
We follow best practices to protect the network perimeter, including maintaining redundant DNS servers and a denial-of-service (DoS) prevention and mitigation system. Antivirus and a host-based intrusion detection system (IDS) are used on all production servers. For more information on AWS security best practices, visit: AWS Security