At CogniFit, Inc. the security of information is vital for the operation of the company.
Security commitments are standardized and include, but are not limited to, the following:
- Security principles built into the fundamental design of CogniFit, Inc. services, which permit system users to access the information they need for their role while restricting them from accessing information not needed for that role.
- Maintain commercially reasonable administrative, technical, and organizational measures designed to protect the customer data we process.
- Encryption of data at rest and in transit.
- Maintain security procedures that are consistent with applicable industry standards.
- Document and enforce confidentiality agreements with third parties prior to sharing confidential data.
- Review documentation from third-party providers to help ensure that they comply with our security and confidentiality policies.
- Maintain business continuity and disaster recovery programs.
- Restrict system access to authorized personnel only.
- Regularly assess security programs and processes.
- Identify and remediate security incidents and events.
Infrastructure and security details
Servers
CogniFit servers run within Amazon Web Services in the US East (Northern Virginia) Region. Front-end and back-end servers are located behind a Web Application Firewall (WAF), which helps us detect and block malicious web requests.
All communication with CogniFit servers is encrypted with TLS using HTTPS.
Databases
CogniFit databases are deployed within the AWS Relational Database Service (RDS). Amazon RDS is a managed service that allows you to set up, operate and scale a relational database in the cloud while automating administration tasks such as hardware provisioning, database setup, patching and backups.
At CogniFit we use two different databases to store user personal data and user cognitive data separately, so that personal data and cognitive data are not directly linked; this minimizes the impact of a data leak. Cognitive data is stored anonymized. Data is also encrypted at rest using the AES-256 encryption algorithm.
CogniFit databases are not publicly accessible and they are located behind a firewall that allows access only from certain servers within the CogniFit network.
Network configuration
All CogniFit servers are located in an Amazon Virtual Private Cloud (VPC), an isolated section of the AWS Cloud that gives us control over the virtual networking environment. The servers are on different subnets and communicate with each other over the internal network, which is not publicly accessible.
Access control
Full administrator access to AWS is limited to a few roles (CIO, CISO and Security Administrator) and requires two-factor authentication.
Developer access is controlled through AWS Identity and Access Management (IAM) policies, and developers only have access to the AWS resources needed for their contracted duties. This access also requires two-factor authentication.
User data
Access to CogniFit products is password protected for end users. User passwords are never stored in clear text: they are hashed before being stored in the RDS database, which is encrypted at rest and sits inside our VPC without public access.
All user data is sent to CogniFit servers encrypted with TLS using HTTPS. As noted above, all communication with the backend servers is likewise encrypted using HTTPS.
CogniFit does not store any financial data from users. Financial data is collected by specialized payment services such as Stripe, FastSpring and PayPal. These services typically use encrypted communication via HTTPS and high-level security measures to avoid data leaks.
Availability
Availability of CogniFit service is ensured by distributing the workload between different servers located in separate availability zones across Amazon Web Services.
All frontend servers are behind a load balancer and distributed across at least two Availability Zones in Amazon Elastic Compute Cloud (EC2). The load balancer provides both load balancing and failover capability in case a server fails. In addition, the load balancer has a built-in auto-scaling system configured to support exceptional peaks in user access by increasing or reducing the amount of resources available depending on demand.
Our backend servers have a similar configuration: a load balancer distributes traffic between at least two servers located in different Availability Zones.
As for data, the databases are deployed using the Multi-AZ option. This provides high availability and automated failover from the primary database to a synchronously replicated standby. If the primary database fails, the system automatically fails over to the standby database.
Backups
Amazon RDS's automated backup feature enables point-in-time recovery for the database instances. This allows us to restore the database instances to any second during the retention period, up to the last five minutes. The backup data is stored encrypted at rest to avoid data leaks.
Database snapshots are taken daily and stored in Amazon S3 automatically. Amazon S3 provides a highly durable storage infrastructure designed for mission-critical and primary data storage. Amazon S3 redundantly stores data in multiple facilities and on multiple devices within each facility.
A copy of the DB snapshots is stored encrypted for a limited period of time in a second AWS region. If the AWS region where the RDS databases run becomes unavailable for any reason, this copy allows us to keep the data safe and reduces the risk to our business continuity plan (BCP).
Monitoring
We use AWS CloudWatch and an internal monitoring tool to measure and analyze the different parameters of the servers. If any metric goes out of bounds, an alert email is sent to the IT team so that the team can take the actions required to return the server to a normal state.
We use a mix of third-party services, New Relic and Pingdom, to measure the performance and availability of the CogniFit website and services.
As described before, when security incidents occur, the Security Administrator, with the help of the whole technical team if necessary, will conduct a root cause analysis and initiate architectural changes if required within the following 48 hours.
Access logging
We use AWS CloudTrail to log all configuration changes to our AWS infrastructure and all access to AWS. This log information is stored in AWS S3, so we know which user made which change and exactly when. Only the CIO, CISO and Security Administrator roles have full administrator access to AWS.
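Two things a defender typically extracts from CloudTrail logs like those described above are "who changed what, and when" and "did anyone log in to the console without MFA", the latter tying back to the two-factor requirement in the Access control section. The following is an added example, not CogniFit's tooling, that answers both questions over a constructed batch of records in the `{"Records": [...]}` JSON layout CloudTrail delivers to S3. The account id, user names, ARNs and timestamps are made up; the field names (`eventName`, `eventSource`, `readOnly`, `userIdentity`, `additionalEventData.MFAUsed`, `responseElements.ConsoleLogin`) are standard CloudTrail fields.

```python
import json
from collections import defaultdict

# Constructed sample trail: five records, in CloudTrail's S3 delivery layout.
# Account id, principals and times are invented for this example.
SAMPLE_TRAIL = json.dumps({"Records": [
    {"eventTime": "2024-03-01T08:00:12Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "readOnly": False,
     "userIdentity": {"type": "IAMUser", "userName": "alice"},
     "additionalEventData": {"MFAUsed": "Yes"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-03-01T08:05:40Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "AuthorizeSecurityGroupIngress", "readOnly": False,
     "userIdentity": {"type": "IAMUser", "userName": "alice"}},
    {"eventTime": "2024-03-01T08:06:01Z", "eventSource": "rds.amazonaws.com",
     "eventName": "DescribeDBInstances", "readOnly": True,
     "userIdentity": {"type": "IAMUser", "userName": "bob"}},
    {"eventTime": "2024-03-01T09:12:33Z", "eventSource": "signin.amazonaws.com",
     "eventName": "ConsoleLogin", "readOnly": False,
     "userIdentity": {"type": "IAMUser", "userName": "bob"},
     "additionalEventData": {"MFAUsed": "No"},
     "responseElements": {"ConsoleLogin": "Success"}},
    {"eventTime": "2024-03-01T09:15:02Z", "eventSource": "rds.amazonaws.com",
     "eventName": "ModifyDBInstance", "readOnly": False,
     "userIdentity": {"type": "AssumedRole",
                      "arn": "arn:aws:sts::123456789012:assumed-role/Deploy/ci"}},
]})


def load_records(trail_json: str) -> list:
    """Parse one CloudTrail delivery file into its list of event records."""
    return json.loads(trail_json)["Records"]


def actor(record: dict) -> str:
    """Principal name: IAM user name if present, else the ARN of the role session."""
    ident = record.get("userIdentity", {})
    return ident.get("userName") or ident.get("arn") or ident.get("type", "unknown")


def configuration_changes(records: list) -> dict:
    """Map each actor to the (time, service, API call) tuples of its write events.

    CloudTrail's readOnly flag separates Describe/List/Get calls from changes;
    console logins are excluded here because they are handled separately.
    """
    changes = defaultdict(list)
    for r in records:
        if r.get("eventName") == "ConsoleLogin" or r.get("readOnly", False):
            continue
        changes[actor(r)].append((r["eventTime"], r["eventSource"], r["eventName"]))
    return dict(changes)


def console_logins_without_mfa(records: list) -> list:
    """Successful console logins for which CloudTrail did not record MFA use.

    Anything other than an explicit "Yes" is treated as no MFA, so a missing
    field fails closed and still raises an alert.
    """
    return [
        (r["eventTime"], actor(r))
        for r in records
        if r.get("eventName") == "ConsoleLogin"
        and r.get("responseElements", {}).get("ConsoleLogin") == "Success"
        and r.get("additionalEventData", {}).get("MFAUsed") != "Yes"
    ]


if __name__ == "__main__":
    recs = load_records(SAMPLE_TRAIL)
    for who, events in configuration_changes(recs).items():
        for when, service, api in events:
            print(f"{when} {who} {service} {api}")
    for when, who in console_logins_without_mfa(recs):
        print(f"ALERT {when}: console login without MFA by {who}")
```

In production the same two functions would run over every object CloudTrail writes to the S3 bucket (or over events forwarded to CloudWatch Logs), and the MFA check would feed the same alert path the Monitoring section describes.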
Vulnerability scanning and penetration testing
We use a third-party service to detect vulnerabilities and security weaknesses in our network and servers.
Every time a new element is added to our network, we run a vulnerability scan on that element with Intruder to detect potential vulnerabilities.
Intruder also scans our network on a monthly basis and performs automatic scans for the latest vulnerabilities as soon as they emerge.
A penetration test is run annually on the CogniFit infrastructure and servers. The results of the penetration test are analyzed and appropriate measures are taken to eliminate or mitigate the findings.