Security features:

  • Secured using cloud-based security groups and by deploying resources in Private subnet which is not accessible over internet.
  • Application servers are accessible only if the user has secret key. The database can be accessible only via application server and designated system at our undisclosed location.
  • No access to any server is possible via internet. The application server is behind an application load balancer which prevents exposing the application server to the internet.
  • Automatic redirection of http request to https. The disks on production application server which will hold app data is encrypted. Production database storage is encrypted.
  • The application front end is accessible via a secured URL (https), backend is accessible only from our secure offices in our undisclosed location through selected machines via redundant VPN between AWS and Clover
Authentication mechanism:
  • Role based & dual factor authentication access methods are enforced by the system
  • A strong web application firewall is configured to secure the platform further