Factbird has full industry-leading IT security protection, but we know IT security reviews can be a pain. Therefore, we have created an IT Security Checklist.
Application Architecture
- Factbird is a Software as a Service (SaaS) solution built on the secure and trusted cloud service Amazon Web Services (AWS).
- Factbird is available in the AWS region in Ireland (EU-WEST-1) and has automatic failover within the same region.
- Data backup, retention, and sanitation are managed automatically by AWS.
- Mobile application available through a web browser on computers, phones, and tablets.
Data Security, Handling, and Storage
- Factbird uses end-to-end encryption through SSL/TLS.
- Factbird authentication runs through customers’ Single Sign On service or AWS Cognito.
- Customers can choose a dedicated AWS account to store their data(Private cloud) or use the shared tenant.
- All data is encrypted at rest in databases (Dynamo DB).
Governance & Risk
- The application is continuously scanned for known vulnerabilities by Detectify.
- The application is verified by security experts and manually penetration tested. The report can be shared with customers through the account manager.
- The infrastructure is verified by AWS experts in a Foundational Technical Review.
- Factbird has implemented the necessary processes to keep customer and partner data safe and secure.
Analytics
- Reports & analytics can be performed within the system or exported as CSV/EXCEL files.
- Data for reports can be accessed through an API in Power BI or other analytics tools. Data is real-time.
Validation Methodology and Documentation
-
The core system is validated using automatic unit and integration testing on code changes. The system is manually tested before each deployment.
-
Product updates are available to all clients through SaaS service. Product updates are announced as release notes.
Software development
- Factbird is developed using a scrum-like delivery methodology. Product updates are automatically released and rolled out continuously.