Security
Privacy & Security at Simply.Coach
With great trust comes great responsibility!
Protecting your data
Certificates & Audit Reports are available on request with an NDA
- We use AWS (Amazon Web Services), the worlds #1 trusted hosting partner.
- Our dedicated clusters are deployed in a unique Virtual Private Cloud (VPC) with dedicated firewalls.
- Database Access is restricted to our production application server through a secure tunnel. No one (including our engineers) has access to the data.
- Access to our platform is secured by a SHA 256-bit encryption with 2048-bit key-strength for data access. This means that all your data is encrypted the moment it leaves your computer and is securely uploaded to our servers.
- All network traffic is encrypted using Transport Layer Security (TLS)
- Encryption for data at rest is automated using encrypted storage volumes
Our platform comes built-in with role-based access through IAM that enforces segregation of duties so that data is only shown to the user who has valid access rights in place.
- Passwords are protected with hashed salts; which means no one (including us) can see your password.
- Accounts are automatically locked after 5 failed attempts
- Password reset links are valid only for 6 hours
Secure Product Development
Access to the production environment is restricted with a private key locked to our founder’s device. No one else has access to the production environment.
- Our product roadmap is reviewed periodically, security fixes are prioritised and are bundled in the earliest possible sprint.
- All changes are tested by the Quality Assurance team, and criteria is established for performing code reviews, web vulnerability assessment, and advanced security tests.
- Builds are put through stringent functionality tests, performance tests, stability tests, and UX tests before the build is certified “Good to go”.
- Source Code is managed centrally with version controls, and access is restricted based on various teams assigned to specific sprints. Records are maintained for code changes and code check-ins and check-outs.
Highly Resilient Architecture
We automatically distribute application traffic across multiple availability zones that support high availability, auto-scaling and robust security.
We have near real-time backups taken across multiple availability zones in encrypted and access-controlled containers.
We have procedures established for reporting incidents, and tracking it for timely communication, investigation, and resolution.
We use Cloudfront (a global leader) as our CDN partner to distribute service spatially relative to end-users to provide high availability and high performance
Take Simply.Coach for a spin!
Explore its possibilities for your business