interview with spotflux
> Do you keep any logs IP Addresses, Timestamp, Bandwidth cap, traffic or other data?
We maintain minimal logs (connection errors, partial stack traces, and sometimes IP addresses) in order to ensure service quality, detect bugs, and improve software which is how we’ve managed to become the world’s second largest VPN provider. However, we push over 20 petabytes of data per month on our network so there is no possible way we would be able to log our user’s session logs. On the server side all of our services are built to run on RAM disks and none of our servers ever use magnetic storage. Diagnostic logs are purged typically after 30 days. Our servers,firewalls,switches, and routers are owned and managed by us and sit in our own racks in Tier-1 data centers that have robust security controls.We do not lease virtual servers or use “cloud services” like most VPN providers which are vulnerable to third party intercept. There is no bandwidth cap and we record the number of “trackers” and pieces of malware we block for each user (total number only) and we store the total amount of bandwidth saved for our mobile users. As an added benefit our CEO has held a CISSP for over 10 years, has published research of major security vulnerabilities and all of our employees have engineering degrees related to computer science so architecting for security and privacy is always at the core of our operations.