Security First

HTTPS Everything

Using SSL-encrypted connections on any public connection is probably the easiest security measure to take and we have it enforced throughout the platform, using the industry-standard recommended algorithms AWS offers.

Private Networking

The entire communication between the internal systems is happening in a private VPC inside AWS and only public facing endpoints are accessible to the outside.

Databases, caching or private services are all inaccessible from the Internet for enhanced security.

AWS Restricted IAM Roles

Connections and permissions between services are managed through AWS’s robust Identity Access Management (IAM) service so that each component has access only to the resources it requires to have access to, with the minimal privileges it needs.

AWS WAF & AWS Shield DDoS Protection

Web Application Firewall (WAF) allows us to detect and block any intrusion attempts and rate limit denial-of-service type attacks.

CloudFront is one of the leading CDNs and together with AWS Shield offers a robust DDoS protection.

Encryption

All communication is SSL encrypted for complete in-transit encryption, while all databases and files are encrypted at-rest, for maximum security and data-protection compliance.

Encryption also applies to daily backups and all other automated system backups.

Software Security

Beside the solid infrastructure security, all sub-components are audited for known vulnerabilities and updated or patched as soon as a patch is available.

Automatic and manual penetration-tests are regularly performed on sandbox deployments to ensure our application and infrastructure are properly secured.