Security features:

• Secured using cloud-based security groups and by deploying resources in Private subnet which is not accessible over internet.
• Application servers are accessible only if the user has secret key. The database can be accessible only via application server and designated system at our undisclosed location.
• No access to any server is possible via internet. The application server is behind an application load balancer which prevents exposing the application server to the internet.
• Automatic redirection of http request to https. The disks on production application server which will hold app data is encrypted. Production database storage is encrypted.

Connectivity:

• The application front end is accessible via a secured URL (https), backend is accessible only from our secure offices in our undisclosed location through selected machines via redundant VPN between AWS and Clover

Authentication mechanism:

• Role based & dual factor authentication access methods are enforced by the system

Firewall:

• A strong web application firewall is configured to secure the platform further