Security & Scalability
  • 20 Jul 2021

We at inFeedo understand the seriousness of security and we strive to exceed the industry standard when it comes to protecting your data.


1. EU General Data Protection Regulation (GDPR)

inFeedo is committed to helping our users understand the rights and obligations under the General Data Protection Regulation (GDPR), which took effect on May 25, 2018.

We have introduced tools and processes to ensure our compliance with requirements imposed by the GDPR and to help our customers comply as well. A copy of the report is available upon request at privacy@infeedo.com

2. SOC 2

Controls over security, availability, and confidentiality.

A copy of the SOC 2 summary report is available for our existing customers upon request at privacy@infeedo.com

3. ISO 27001:2013

Provides a model for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an information security management system.

A copy of the ISO certificate is available upon request at privacy@infeedo.com

4. Bi-annual VAPT on Application and Infrastructure

Vulnerability Assessment and Penetration Testing (VAPT) are both security services that focus on identifying vulnerabilities in our application and cloud infrastructure.

A copy of the report is available upon request at privacy@infeedo.com

5. Annual Source Code Review

inFeedo reviews its source code annually to incorporate best security practices and ensure a bug-free product.

A copy of the report is available upon request at privacy@infeedo.com

6. Data Encryption

a. The customer sends a request to the server. This request carries a user identification token, a JWT (JSON Web Token), that contains the client ID and other data.
b. The server uses the client ID to fetch:
- customer information from the database which is stored in an encrypted state. Every client ID corresponds to customer-specific data in the database.
- the encrypted customer key which corresponds to the client ID and will be used to decrypt the encrypted data. This key itself is encrypted and cannot be used directly to decrypt data.
c. The server then sends the encrypted customer key to AWS KMS to decrypt using the client ID.
d. Upon decryption by AWS KMS, the decrypted key is sent back to the server.
e. The server uses this decrypted key to decrypt the encrypted customer information fetched from the database using the client ID.
f. The decrypted customer data is sent back to the customer through a secure connection using HTTPS (SSL).
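Steps a to e above follow the envelope-encryption pattern. The Node.js sketch below is an added example, not inFeedo's code. Its assumptions: a local AES-256-GCM stand-in replaces AWS KMS, tokens are HS256-signed with a `clientId` claim, the database is an in-memory `Map`, and all names and sample data are constructed.

```javascript
const crypto = require('node:crypto');
// AES-256-GCM; `aad` is authenticated but not encrypted. Layout: iv | tag | ciphertext.
function seal(key, plaintext, aad) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv).setAAD(Buffer.from(aad));
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob, aad) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAAD(Buffer.from(aad)).setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws if tag or aad mismatch
}

// Assumption: local stand-in for AWS KMS; the client ID is bound to the wrapped key as aad.
const MASTER_KEY = crypto.randomBytes(32);
const kms = {
  wrap: (dataKey, clientId) => seal(MASTER_KEY, dataKey, clientId),
  unwrap: (wrapped, clientId) => open(MASTER_KEY, wrapped, clientId),
};

// Assumption: HS256-signed JWT carrying a `clientId` claim.
const JWT_SECRET = crypto.randomBytes(32);
const b64u = (x) => Buffer.from(x).toString('base64url');
const mac = (s) => crypto.createHmac('sha256', JWT_SECRET).update(s).digest();
function signJwt(claims) {
  const body = `${b64u('{"alg":"HS256","typ":"JWT"}')}.${b64u(JSON.stringify(claims))}`;
  return `${body}.${b64u(mac(body))}`;
}
function clientIdFromJwt(token) {
  const [h, p, sig] = token.split('.');
  const got = Buffer.from(sig || '', 'base64url');
  if (got.length !== 32 || !crypto.timingSafeEqual(got, mac(`${h}.${p}`))) throw new Error('bad token');
  return JSON.parse(Buffer.from(p, 'base64url').toString()).clientId;
}

const db = new Map(); // constructed sample store: clientId -> { wrappedKey, record }
function provision(clientId, record) {
  const dataKey = crypto.randomBytes(32); // per-customer key, stored only in wrapped form
  db.set(clientId, { wrappedKey: kms.wrap(dataKey, clientId),
    record: seal(dataKey, Buffer.from(JSON.stringify(record)), clientId) });
}
function handleRequest(token) {
  const clientId = clientIdFromJwt(token);                 // step a
  const row = db.get(clientId);                            // step b
  if (!row) throw new Error('unknown client');
  const dataKey = kms.unwrap(row.wrappedKey, clientId);    // steps c and d
  return JSON.parse(open(dataKey, row.record, clientId).toString()); // step e
}
for (const id of ['client-a', 'client-b']) provision(id, { employee: `Sample User ${id}` });
```

Because the client ID is authenticated alongside the wrapped key, a wrapped key copied from one customer's row fails to unwrap under another customer's ID.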

7. Access Reviews

inFeedo reviews critical business assets to ensure controlled access to the information systems, based on business and security requirements, commensurate with the asset classification.

8. Logging and Monitoring

inFeedo maintains an extensive centralized logging environment in its production environment which contains information pertaining to security, monitoring, availability, access and other metrics about the services. These logs are analyzed for security events via automated monitoring software, overseen by the security team.

9. External Security Audits

inFeedo engages respected external security firms who perform regular audits of the inFeedo services to verify that our security practices are sound and to monitor our services for new vulnerabilities discovered by the security research community.

10. Business Continuity Plan (BCP) & Disaster Recovery (DR)

  • Customer data is stored redundantly in multiple locations in our hosting provider’s data centers to ensure availability.
  • We have well-tested backup and restoration procedures that allow recovery from a major disaster.
  • Customer data and our source code are automatically backed up and auto-scaling mechanisms are in place on our database and infrastructure.
  • The operations team is alerted in the event of a failure in this system.
  • We perform BCP Drills on our production servers. A copy of the report is available upon request at privacy@infeedo.com

11. Technology Stack

  • Backend - NodeJS
  • Frontend - AngularJS and React JS
  • AI - R and Python
  • Databases - Aurora MySQL, MongoDB (Atlas), AWS Redshift
  • File Storage - S3
  • Cache Store - ElastiCache
  • DNS - AWS Route53
  • CDN - AWS CloudFront
  • Cloud Infra - AWS

12. Scalability
