Security

Applivery takes the security of your data very seriously.
We are committed to providing an environment that is safe, secure, and available to all of our customers.

Security
  • April 26, 2023

Infrastructure Security

Applivery’s infrastructure is secured through a defense-in-depth layered approach enabled by our Infrastructure providers (DigitalOcean and AWS). Access to the management network infrastructure is provided through multi-factor authentication points which restrict network-level access to infrastructure based on job function utilizing the principle of least privilege. All access to the ingress points are closely monitored, and are subject to stringent change control mechanisms.

Systems are protected through key-based authentication and access is limited by Role-Based Access Control (RBAC). RBAC ensures that only the users who require access to a system are able to login. We consider any system which houses customer data that we collect, or systems which house the data customers store with us to be of the highest sensitivity. As such, access to these systems is extremely limited and closely monitored.

Physical Security

Our datacenters are located in some of the most respected datacenter facility providers in the world. We leverage all of the capabilities of these providers including physical security and environmental controls to secure our infrastructure from physical threat or impact. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorized entry. Security controls provided by our datacenter facilities includes but is not limited to:

  • 24/7 Physical security guard services
  • Physical entry restrictions to the property and the facility
  • Physical entry restrictions to our co-located datacenter within the facility
  • Full CCTV coverage externally and internally for the facility
  • Biometric readers with two-factor authentication
  • Facilities are unmarked as to not draw attention from the outside
  • Battery and generator backup
  • Generator fuel carrier redundancy
  • Secure loading zones for delivery of equipment

Access Logging

Systems controlling the management network at Applivery log to our centralized logging environment to allow for performance and security monitoring. Our logging includes system actions as well as the logins and commands issued by our system administrators.

Security Monitoring

Applivery’s Security team utilizes monitoring and analytics capabilities to identify potentially malicious activity within our infrastructure. User and system behaviors are monitored for suspicious activity, and investigations are performed following our incident reporting and response procedures.

Snapshot and Backup Security

Snapshots and Backups are stored on an internal non-publicly visible network on NAS/SAN servers that are regionally separated from the main infrastructure.

Certifications

ISO 27001

Applivery is officially ISO 27001 :2022 certified.

Our ISO 27001 certification means that your data are in safe hands. You can also count on us to ensure that your company’s information will be handled with integrity and that we comply with the highest security standards.

Moreover, we are constantly developing and testing new features to effectively protect your data, which means implementing policies and processes that are aligned with industry best practices.

Check our certification status here.

The McAfee Enterprise-Ready seal under the McAfee CloudTrust Program is reserved to cloud services that have the highest CloudTrust rating possible — based on their attributes across the data, user and device, security, business, and legal evaluation categories. Ratings are developed and continuously updated by McAfee’s Service Intelligence Team, a group of dedicated data scientists who use both automated processes and intensive manual research to evaluate third-party services. Applivery was awarded this certification in April 2020. You can download our certificate here.

Our Infrastructure providers (DigitalOcean, Amazon Web Services & Google Cloud) are certified in several international standard.

Digital Ocean

DigitalOcean is certified in the international standard ISO/IEC 27001:2013. By achieving compliance with this globally recognized information security controls framework.

Amazon Web Services:

AWS has certification for compliance with ISO/IEC 27001:201327017:201527018:2019, and ISO/IEC 9001:2015. All AWS services used by Applivery are covered under these certifications.

Google Cloud:

Google Cloud has certification for compliance with ISO/IEC 27001:2013All Google Cloud services used by Applivery are covered under these certifications.