At Assemble Systems, we take security very seriously. Below are some key points in regards the security we have in place.
- Within Assemble Systems, we restrict access to the data to a small number of trusted employees; our IT Operations team. Our support and development staff do not have routine access to the data.
- We use multi-factor authentication for all our administrator access to our systems. This means that even if a password is compromised, an attacker still could not log in.
- For the application itself, we provide customizable password complexity rules. We also use secure HTTP, called HTTPS, for all communication between the client (such as web browsers and our Add-In) and the web server. This ensures that all traffic is encrypted to and from the server.
- Customer installations are also in separate silos, each in their own database and their own web site, so there's no possibility that someone could inadvertently gain access to another customer's data.
- As you may know, AWS's datacenters have some of the most robust security available to any IT infrastructure. Amazon has achieved numerous third-party security certifications for physical and network security. They are regularly audited and make compliance reports available.
- Additional material covering many of the security benefits AWS provides is available here: http://aws.amazon.com/security/
- We'd be happy to entertain any additional questions about our infrastructure you might have.