In today’s digital landscape, safeguarding personal data is paramount. At ProvePrivacy, we prioritise security by leveraging the best-in-class tools and infrastructure. Here’s a detailed look at how ProvePrivacy ensures your data remains secure at every stage – from storage and encryption to system access and monitoring.
Client Access
It is important to achieve security at log in whilst also providing clients with a choice, so ProvePrivacy offers clients two levels of authentication, which they can choose at implementation:
- The primary method of verification is Microsoft Azure Single Sign On through an API into our clients’ platform. This links ProvePrivacy to our clients’ platforms and adds multi-factor authentication if the client requires.
- Alternatively, the client can apply authentication using user name and password, which offers individuals the opportunity to manage their own access.
ProvePrivacy encourages clients to use MFA, as this increases security against client data exposure.
Platform Security
Securing the front end of ProvePrivacy is only part of our objectives; we also take our security responsibilities very seriously. This is why, when we selected a platform provider for ProvePrivacy, we selected AWS, which we knew could support both expansion and security.
ProvePrivacy capitalises on AWS EC2 Instances for hosting of the application, S3 buckets for storage of uploaded documentation, and RDS for database management, providing a robust platform to support our clients’ growth.
We believe that it should be standard practice for data to be encrypted, and we achieve this at rest using AWS Key Management Service (KMS), providing AES-256 level encryption. As an added level of assurance, we ensure that any security keys are also encrypted.
When encrypting data in motion, our services use the Transport Layer Security (TLS) protocol to provide encryption between the client and the AWS service. AWS uses s2n as opposed to OpenSSL.
ProvePrivacy is protected by load-balanced firewalls using managed security groups. These limit access only to the protocols required by the service, and changes to these protocols are managed via a strict change control process requiring director-level approval. All access is further protected by private key pairs.
Monitoring
We offer a 99.9% SLA to our clients, and we protect this by continuously monitoring the platform for issues before they impact our clients. Monitoring is performed systemically by Amazon CloudWatch, which helps to manage, secure, and handle information related to our applications and resources. This provides:
- Monitoring and Observing: to monitor and observe our resources in real-time.
- Metrics and Logs: to collect and track metrics and monitor log files.
- Alarms and Automation: to automatically react to changes in our AWS resources.
- Insights: to gain a unified view of operational health across our infrastructure.
Backup & Recovery
In the unlikely event that services are lost, we ensure that our platform is backed up. These controls cover:
- Application code and infrastructure (EC2 Instance);
- Client application data (RDS Instances); and
- Client document storage (S3 Storage)
These are all backed up with recovery point objectives (RPO) of midnight 7 days per week and 365 days per year. The recovery time objective (RTO) is within 4 hours of becoming aware of the issue.
Code Quality & Security
Software platforms often require interfaces with other services, and ProvePrivacy is no different. To ensure security in this area, ProvePrivacy utilises AWS Secrets Manager. This eliminates the need to hard-code credentials in our application source code, which improves security and provides additional flexibility in application security management.
ProvePrivacy’s code is routinely monitored through the use of SonarQube code monitoring. It performs continuous inspection of code quality by conducting automatic reviews through static analysis.
The ProvePrivacy application is also protected by Sentry application performance monitoring and error tracking software, which provides:
- Root Cause Analysis: to assist our development team in fixing problems faster, whether it’s an application crash or an error.
- Error Monitoring: to identify, debug, and resolve issues in our application, which we prioritise based on their impact on clients; and
- Performance Monitoring: to track what’s slow and to optimize our code.
ProvePrivacy is built with security at its core. By leveraging AWS’s infrastructure, employing robust encryption, monitoring all systems in real-time, and using best-in-class tools for backup, recovery, and performance monitoring, we ensure that your data remains secure and protected every step of the way. Whether you’re storing documents, exchanging sensitive information, or authenticating users, you can trust ProvePrivacy to safeguard your data with the highest security standards. Get in touch today to speak to us and arrange your free demonstration.