What we're doing to keep your data and our infrastructure safe
Keeping your company's data secure is a top priority at Advoc8. Our goal is to provide a secure environment, while also being mindful of application performance and the overall user experience.
With the exception of monitoring and logging services, Advoc8 is hosted on Amazon Web Services (AWS), a highly scalable cloud computing platform with end-to-end security and privacy features built in. Our team takes additional pro-active measures to maintain a secure infrastructure and application environment.
For additional, more specific details regarding AWS security, please refer to https://aws.amazon.com/security/. We don't publicize exactly what features, services and specific data center locations are used at Advoc8 for security reasons, but we are able to provide a brief overview of our approach to securing your company's data.
AWS maintains an impressive list of reports, certifications and independent assessments to ensure complete and ongoing state-of-the-art data center security. They have many years of experience in designing, constructing, and operating large-scale data centers.
AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access. It is safe to say Amazon is much better at physical security than we are capable of being, so we leave it to them.
Advoc8 infrastructure is hosted in a secured VPN environment, with access restricted to IT support staff only.
All web application communication (between the browser and Advoc8) are encrypted over 256 bit SSL, which cannot be viewed by a third party and is the same level of encryption used by banks and financial institutions.
Advoc8 monitors ongoing security, performance and availability 24/7/365. We run automated security testing on an ongoing basis. Automated backups are stored securely and encrypted.
All passwords are one-way encrypted per leading industry practice, and user accounts are time-locked after multiple failed login attempts.