To enhance security and privacy over all the service, we have established the following best practices and key principles:
- We keep the data secured and protected with data encryption and data loss prevention techniques and a solid backup policy.
- We have identity and access management protocols to ensure that the environment is only accessed by the appropriate users. The access is allowed with authentication credentials and tokens that are set up according to the defined password policies. The system is protected by industry standard firewalls set up with restrictive policies. They only allow traffic by specific ports and deny the rest of it. We also use proxies for traffic routing and filtering. All the network doors are evaluated regularly with penetration tests.
- We have an exhaustive monitoring and logging system across all the infrastructure, the services and the network. It helps us detect any information security violations, send alerts to the IT staff and trigger the proper actions to correct the situation.