Business Continuity & Recovery

Overview

Banzai adopts a layered approach to maximize the availability of its services to users while minimizing both the likelihood of unauthorized access to user data and the risk to users in the unlikely event that such unauthorized access takes place. We have partnered with some of the largest and most experienced providers in the cloud computing industry to assist us in the pursuit of our commitments to service availability, data integrity, and user security.

Business Continuity & Recovery

Since no company can claim perfection, we recognize that there could be errors—however hard we might try to relay the most accurate Banzai’s live web applications along with all associated user data are housed in secure data centers operated by Amazon Web Services (AWS). These data centers feature redundant power supplies and internet connectivity and can function independently of local utility companies for an extended period of time if necessary.

Working in conjunction with our partners at AWS, each web application is hosted on multiple servers to protect against hardware or software defects in individual machines. In the event that a server goes offline for any reason, AWS uses automated processes to immediately bring up a replacement. In the unlikely event that these processes fail, an engineer at Banzai receives an immediate notification to manually remedy the situation. Furthermore, Banzai overprovisions our server resources to provide excess capacity beyond projected usage requirements. At any given time, we have the necessary resources online to handle significant unexpected increases in usage without degrading the experience of other users.

Our technical staff can oversee and manage issues related to our web applications at any time and from any location in the world with internet access. This ensures the continued availability of our services even in extreme events, such as the inaccessibility or destruction of our corporate offices. No production assets (e.g. servers or other technical resources essential to the operation of our services) are housed in our offices or anywhere outside of the secure data centers mentioned previously.

Security & Data Protection

Since no company can claim perfection, we recognize that there could be errors—however hard we might try to relay the most accurate Banzai’s first line of defense against unauthorized access to user data is to carefully limit what information we collect from our users to begin with. Banzai doesn’t collect or store any personal financial information from users. We do not have payment card information on file nor do we have any access to the systems or account information maintained by our financial industry partners. In the unlikely event that the security measures protecting our databases are entirely defeated, intruders would find nothing more valuable than a list of usernames (which may, in some instances, consist of an email address) and salted password hashes that cannot be decrypted even by our own staff. This both reduces the fallout of any data breaches but also, crucially, makes Banzai a less lucrative target for would-be intruders. Rev. 6/24/24 Approved 6/24 That said, Banzai and its partners follow industry-standard best practices to protect access to user data from unauthorized parties, both within our corporate organization and without. All traffic between users and our web applications is encrypted by default. Software on our public-facing servers is kept patched and updated and is monitored by a security team at AWS.

Among Banzai technical employees, only those whose responsibilities require them to access database and server resources are given such access. Furthermore, this access is revoked coincident with a change in responsibilities or departure from the company. Our technology service providers each have similar policies and procedures.