SECURITY BULLET POINTS
- Platform is hosted on Amazon’s AWS Cloud platform in the US, available option to be hosted in EU
- Data is “hot replicated” (backed up in realtime).
- Daily snapshots and SQL dumps are also performed for backups
- Sensitive data (PII) is encrypted at rest (db encrypted fields)
- ALL data is encrypted in transit (SSL / TLS1.2 or higher, SFTP)
- ALL data is encrypted at rest using AWS KMS.
- Databases are not directly accessible via the Internet, only through UI
- Server software patching is done quarterly.
- Urgent security patches are done as needed and typically within 24 hours of being released
- Hosted in a LAMP (Linux/Apache/MySQL/php) environment so not prone to Microsoft vulnerabilities
- Vulnerability and Penetration scans are performed monthly by a third party provider
- 99.9% uptime (monthly interval).
- Uptime monitoring is done by Pingdom (third party) http://uptime.sassieshop.com
- Yearly Risk Assessments are performed internally.
- Rate limiting/IP blocking/CSRF token employed on all password fields to prevent scripted attacks
- GDPR / CCPA compliant
If you need the current Security Documents and Scans for the Sassie system, please see the following articles for detailed documentation: