Access to on-premise company property is controlled by secure keys and passes.
Access to Cloud Infrastructure, Applications, and SaaS solution is controlled via multi-faceted security practices including:
- Unique Username and Password
- Amazon Identity Access Management and Security Groups
- Multi-factor authentication
Data at rest on devices is secured using iOS and Android application access controls.
Data in transit is encrypted. All communications between devices and company API’s is via HTTPS (HTTP over SSL).
Data at rest with the SaaS platform (backend) is securely isolated, access is controlled by AWS IAM and multi-factor authentication security policies.
Client data access is restricted to users of the client's associated account. Access control is restricted via the API, SaaS console and apps.
We can comply with data sovereignty requests from clients where AWS maintains an Availability Zone in that region.
Data at rest is segregated into appropriate data structures within the relational data stores. This data is securely isolated, access is controlled by AWS IAM and multi-factor authentication security policies.
Data can be segregated within the application by user access privileges administered by the Client.
Monitoring and Analytics
Select third party applications are installed to provide internal solution monitoring and aggregated anonymous usage analytics.
- NewRelic - application monitoring and alerting
- Google Analytics - solution insights and analytics