Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 17 Next »

Amoeboids considers the security of our systems and security of customers data to be of the utmost importance.

Hackers also have access to this page and can’t disclose much here, If you have any further questions don’t hesitate to contact us.

Security Practices

Amoeboids uses a variety of tools and techniques to help protect our data and software. 

Hosting

We use AWS as infrastructure provider to serve applications. We choose AWS simply because it is secure, it scales and reliable.

How secure AWS is?

Some even say “It is secured better than most banks vault around the world”

  • AWS Security Whitepaper – AWS canonical whitepaper on its security practices. Continually updated to address the security specifications for every AWS service.

  • Independent security audits of AWS – AWS provides certification reports that describe how AWS infrastructure meets international security standards, including:

    • ISO 27001 – a widely recognized international security management standard

    • SOC – 3rd party examination reports on AWS security and availability controls

    • FedRamp – the security standard for the federal government

  • Case studies on AWS security: Financial Industry Regulatory Authority (FINRA)Pacific Life Insurance

Password and Cookies

Password: Your password is never stored or logged in plain text in our system. It is always encrypted using strong algorithm and stored. Even we can not read or recover your password. You always have to reset your password, in case you lost it

Cookies: We do not store sensitive information in cookies. Our cookies are secured and transferred over HTTPS

Data encryption

All data is encrypted during transit using https/SSL. We do not encrypt email and names on server as they are required for search.

Deleting data

We keep data for 90 days post delete company request. After this company data will be hard deleted from the system permanently.

Porting your data

We support exporting major data (OKR, Users etc) in excel format.

Security Audits

We are using various tools to access security of our application. You can see various reports and practices we follow but not limited to at Security Checklist

Database Access

Database access on aws is configured in such a way that, even application on AWS can not access database if it is not a part of designated security group.

How do we prevent unauthorized access from within company?

Only designated person in team can access Database. It is a short lived window and access is granted by our AWS admin, that to based on IP.

Disaster recovery

Although Database is secured on AWS, avoiding data loss is ours responsibility. We protect your business-critical data from loss and stay compliant and productive with a backup and restore solution. We do take daily backups to avoid any data loss in case of any disaster.

Reporting Security Vulnerabilities

Amoeboids welcomes input from the security research community. Through responsible disclosure we are hoping to advance the cause of improving the security of our applications and user data. To that end, we encourage security researchers to notify us of any potential vulnerabilities by raising ticket here

Bug Bounties

We will be launching a formal bug bounty program shortly.

  • No labels