Putting security first.

Cloudapps has a modern cloud-based architecture, built with security top-of-mind.

Utilizing the latest industry-leading security technologies and frameworks, we offer our customers complete peace of mind with our enterprise-class security.

Listed below are the mechanisms we deploy to secure our cloud-based platform, ensure your data is safe and minimize access-based threats. Also listed are the ongoing compliance steps we take to ensure we remain ahead of the game.

Cloudapps Platform Security

The steps we have taken to secure our cloud platform:

  • Identity Access Management (IAM) controls
  • Continuous microservice monitoring and logging
  • 3rd-Party software & dependency monitoring
  • Support for IP and Geographic Address restrictions
  • Support for API throttling and monitoring
  • The utilisation of a Secure AWS Virtual Private Cloud
  • Security Groups for Port & IP Address restrictions
  • Load balancer based compute isolations
  • Web Application Firewall (WAF) enabled endpoints
  • Managed Distributed Denial of Service (DDoS) protection
  • Threat detection and continuous monitoring

Data Management Security

The steps we have taken to ensure your data is safe:

  • Isolation of Production and Dev/Test environments
  • Multi-tenancy with logical client partitioning
  • AES-256 Encryption of customer S3 data
  • AWS Owned CMK encryption of DynamoDB metadata
  • AES-256 and AWS KMS encryption at REST
  • TLS 1.2 and SHA256withRSA data encryption in transit
  • Backup of DynamoDB metadata
  • Secure access & activity logging
  • Strong Password Policy support
  • Oauth 2.0 authentication for bulk data integration

Access Security

The steps we have taken to ensure only the right people access the platform:

  • Oauth JWT token access to services
  • API Key access to services
  • Password encryption using Secure Remote Password (SRP)
  • Multi-Factor Authentication using SMS and TOTP
  • End-User role-based access
  • Session Monitoring and Timeouts
  • Federated session authentication using OpenID
  • Certification Management
  • Secrets Management for tokens
  • CSP Trusted Site and CORS for Salesforce integration

Security Compliance

The steps we continue to take that make sure we stay ahead of the game:

  • Certified by McAfee as Enterprise-Ready as part of their CloudTrust program
  • Annual penetration testing by leading CHECK, CREST qualified and ISO 27001 accredited provider
  • Compliance with OWASP Top 10 Secure Coding Principals
  • Amazon Web Services (AWS) Baseline Infrastructure Reviewed
  • Amazon Web Services (AWS) Well-Architected Reviewed
  • Cloud Security Alliance CAIQ v3.1 Registered
  • Supporting National Cyber Security Centre (NCSC) Cloud Security Principles