IT Infrastructure & Security Practice
CROSStrax utilizes Amazon Web Services (AWS) for IT infrastructure. We facilitate a cloud environment using a virtual private cloud (VPC) for a secure infrastructure. With the adoption of SaaS security practices, from secure product engineering, deployment, audits, to the regular SaaS security assessment are strictly followed. We have strict access control for AWS Services/Resources & default behavior is to block all access except needed one for each service. For more information on security, please visit https://aws.amazon.com/security/
Amazon Web Services (AWS), the network layer provides significant protection against traditional network security issues, such as MITM (Man-In-The-Middle) attacks, IP spoofing, port scanning, packet sniffing, etc. We also leverage the SOC2 capabilities from AWS that allow us to bring another layer of security to the system. For more information, please visit https://aws.amazon.com/compliance/soc-faqs/
CROSStrax AWS infrastructure is designed for high availability. We are using multiple availability zone setup for 100% uptime of all resources. We have autoscaling automation in a place where all web services are going to scale in real time for any spike in user traffic or heavy load situation.
Bank-level data security
To ensure compliance with internal and external data security, We have additional protective layers with user-level data security. We provide role-based access control features, allowing user-specific access and editing permissions for data.
Data in transition are 100% encrypted end to end (TLS)
To ensure the highest level of security, all interaction with servers are happening over SSL transmission only. TLS all the things (including internal server-to-server communication).
Data protected at rest with encryption
Some compliance regulations such as PCI DSS and HIPAA require that data at rest be encrypted throughout the data lifecycle. To this end, CROSStrax encrypt all volumes, database and files stored. Data encryption at rest is vital for regulatory compliance to ensure that sensitive data saved on disks is not readable by any user or application without a valid key.
Encourage complex password
We require users to create passwords that meet complex criteria: the minimum length, special characters, and mixed case letters. Account holders are encouraged to utilize a setting in the system in which user’s passwords expire after a certain time period. Once that occurs, the users are prompted to change their password, further strengthening the security of the platform.
Enable and Enforce Two Factor Authentication
CROSStrax encourages and allows users to enable two-factor authentication. User will receive One Time Password (OTP) by email to validate the same for an additional layer of security.
Data Security
All the data is stored securely & all account credentials, sensitive data & personal data are stored as encrypted in the system. Passwords are stored in a non-recoverable hash method.
Vulnerability testing is rigorous and ongoing.
We do a comprehensive assessment of vulnerability on a regular basis.
Monitoring
We do detailed monitoring that will alert us when unexpected events occur such as remote connections from new IP addresses, high network throughput, high CPU, new processes running on servers, etc.
Backup
We backup all data on a daily basis & data change logs are stored such that we can have a point of time restore with maximum 5-minute data loss in case of major disasters.
For questions regarding our security procedures and policy, please email us at support@crosstrax.co or call us at 844-620-8555.