security software development service

SECURITY

Organizations – small, medium or large are all using our platform for handling crowdfunding portals. We ensure that infrastructure management, scaling and security are well taken care of, while you can grow your business. Deploying high security measures, we protect consumers from all threats – employing security controls at every stage – from the physical to application without hassles in your day.

DATA CENTERS

With Amazon’s secure data centers and the Amazon Web Service technology – we aim to keep our platform hosted securely. A big player in the game, Amazon administers risk and goes through constant evaluations to maintain compliance with standards of the industry. Data Center operations of Amazon have been compliant under –

  • ISO 27001
  • SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
  • PCI Level 1
  • FISMA Moderate
  • Sarbanes – Oxley (SOX)
PCI COMPLIANCE

To ensure data protection, Verify Run utilizes payment portals like Paypal, Stripe and WePay for encryption of credit card transactions. Our infrastructure service provider is complaint with PCI Level 1.

PHYSICAL SECURITY

With expertise and experience in design, construction and operation of large scale data centers, Amazon is managing ISO 27001 and FISMA certified centers. Our access to use this make your data extremely secure. A major plus point is that Amazon has used its brilliance in the AWS platform and infrastructure. These centers have military grade perimeter control berms and are facilitated in nondescript areas. The access to these facility is severely restricted and guarded at the borders by competent security personnel, video surveillance, state-of-the-art invasion detecting systems and more. The authorized professionals need to go through a two-factor security check at least three times to enter the data center floors. Anyone visiting is required to show identity documents, signed in and accompanied by specific official personnel from the staff.

To prevent any ill-use of the data, Amazon restricts its employees apart from those who need the information for official business purposes. The privilege of access is promptly retracted as soon as the work is complete, even though they are AWS or Amazon employees. Any electronic or physical admittance is recorded with scrutiny.

FIRE DETECTION AND SUPPRESSION

Fire hazards are a common disaster and we try to keep them at bay with automatic fire detection and suppression systems that are known to have reduced significant risks. For detecting fire, the smoke detection sensors have been installed at all data center environments, electronic, mechanical infrastructure facilities, chiller rooms and generator equipment spaces. Also, they are secured by wet pipe, double interlocked pre-action or gas induced sprinkler system.

POWER

The data center is equipped with electrical power systems that work continually without affecting operations. Running for 365 days in the year, 24 hours in the day and 7 days a week, the electrical systems are running efficiently. Power failures are no problem with the uninterruptible power supply units or the UPS systems and generators ensure power backup for the facility.

CLIMATE AND TEMPERATURE CONTROL

Electronic hardware and servers run perfectly at certain specific temperatures. To keep them working efficiently, there needs to be a consistent climate and atmosphere control that helps to reduce service outages and ensure no overheating. Data centers are equipped with systems that maintain the conditions at the right levels, and systems that monitor to check the moisture levels and temperature.

MANAGEMENT

When data and devices are concerned, continual maintenance becomes imperative. Data Center personnel ensure that electrical, mechanical, equipment and life support systems are constantly preserved to operate well, and preventive maintenance is undertaken regularly.

FIREWALLS

Restricting data to fall with the wrong people is not an easy task, but firewalls make is hassle free. Used to restrict anyone from gaining confidential information in external networks and in between internal systems. On a general note, no one is allowed access, some ports and protocols are approachable based on business needs. Every system is hooked to a firewall security group depending on the function. Security groups isolate the access allowance to only the ports and protocols required for the specific function for escaping risks. Customer applications are restricted from creating a local host connection using host based firewalls through the loopback network interface. Outbound and inbound connections are also limited.

DDOS MITIGATION

DDOS Mitigation techniques including TCP Syn cookies and connection rate limiting is ensured by our providers. There is also a system to support multiple backbone connections and conserve internal bandwidth capacity which could exceed the bandwidth provided by the internet carrier. Working in proximity with our providers, enables us to promptly take care of any events and utilize the DDoS Mitigation controls when necessary.

SPOOFING AND SNIFFING PROTECTIONS

IP, MAC and ARP spoofing on the network and between virtual hosts is ensure by firewalls. The hypervisor and other infrastructure ensures that packet sniffing is prevented and will not expose information where it isn’t addressed to. At Verify Run, we accommodate and utilize application isolation, operating system restrictions and encrypted connections to ensure data security at all times.

PORT SCANNING

Our infrastructure partner helps us to ensure no breaching of our ports and every report is scrutinized. If there is any detection of such activity in the port scans, there is absolute blocking of information.

AUTHENTICATION

Only the employees at Verify Run can gain access to the operating system with an authentication parameter of username and key. However, the systems do not protect from password brute force attacks, data theft and sharing at this point.

VULNERABILITY MANAGEMENT

The vulnerability management process at Verify Run is created to handle risks without involving or impact to the customer. We always have a resolve any exposure of data, whether it is through monitoring a system patch, internal and external evaluation or third party mailing lists. Every breach is examined to see if it is relevant to the system environment. Then we rank these according to the risk and assign them to different teams for solutions.

The vulnerability management process at Verify Run is created to handle risks without involving or impact to the customer. We always have a resolve any exposure of data, whether it is through monitoring a system patch, internal and external evaluation or third party mailing lists. Every breach is examined to see if it is relevant to the system environment. Then we rank these according to the risk and assign them to different teams for solutions.

Unaffected by core system updates, applications for the customers are run in isolated facilities. We install and update the environments by new systems – utilizing updates, security fixes allowing customers to migrate and keeping our systems up-to-date according to industry standards.

To avoid risks, we categorize each component type. Different network security groups are responsible for specific kind of a component. The major function of the security group is to only let access to the ports and protocols necessary. For instance, our management infrastructure will be denied access to the user applications running within an isolated dyno as all parts are within their own network security group and information access between the two is restricted.

APPLICATION SECURITY

Our application, infrastructure, architecture and implementation are always under scrutiny for vulnerability evaluation and source code analysis. Third party evaluations ensure that all parts of our platform are free from vulnerabilities including testing for the Top 10 web application vulnerabilities and customer application isolation. Our external security analysts work with us to review the security of the platform, suggest and execute the right and effective practices. All the problems found in our applications are ranked according to the risks they pose and different teams are responsible for each issue, finally evaluated by the security team ensuring the right resolution technique.

BACK UPS :

CUSTOMER APPLICATIONS

Deployment of the applications to our platform is automatically backed up. The process is secure, restricted and accommodates continual storage. These backups are utilized in deploying our applications on different platforms and to ensure the preservation of user applications online in the event of emergency.

CUSTOMER DATABASES

All data changes are recorded on write-ahead logs, which are then transferred to multi-datacenter that has a high-durability storage. Constant data protection is our key to preserving databases in Verify Run. If there is a hardware issue or technical failures, there is recovery of the database to the last backup by it replaying these logs automatically.

Customer databases and applications are promptly restored automatically. The platform is created in a dynamic fashion to establish applications within our cloud and keep a continual check for failures and recovery of platform components.