Security

Introduction

Security is a major component in all our development process & environment configuration. We put in place the most rigorous practices for our developments.

 

Security tools

Security scores are checked before each new release. We carry out the necessary action plans to always maintain a good rating in the different areas :

 

mceclip0.png

 

In addition:

  • every week we run automatic tests based on OWASP ZAP
  • each year, we have an external human intrusion testing by an independant  3rd party security company.  

 

Monitoring

Business continuity is ensured by multiple front-end servers in autoscalling with Azure Front Door services.

All front ends are monitored by Azure Monitor to monitor :

  • CPU
  • Memory
  • ServerException / failiures
  • Response Time

Our operation center receive these alerts for actions

All of Powell Assets are replicated on an Azure premium CDN to ensure redondancy.

In the event of a major breakdown, we immediately inform our customers on this page :

https://support.powell-software.com/hc/en-us/sections/4407002188562-Important-information-Major-Incidents

You can track the progress of the incident until it is resolved.

 

Traffic encryption

All the traffic from and to the Powell Software platform is encrypted (and HTTPS protocol enforced), using TLS 1.2 , ensuring secure communication between our customers and our platform. To do so, we’re using Azure Front Door as the only entry point to the app (web apps and API).

 

Database encryption

Our infrastructure is hosted in Microsoft Azure. We use the services SQL Azure Database.

The database is encrypted. We use the feature TDE (Transparent Data Encryption)

https://docs.microsoft.com/en-us/sql/relational-databases/security/encryption/transparent-data-encryption-azure-sql 

 

Backup

Our infrastructure is hosted in Microsoft Azure. We use the services of backup/restore offered by Microsoft Azure.

Services

  • Backup is performed once a day.

Database

  • A full backup is done once a day.
  • Transactions are saved every 5 minutes.

The retention period is 6 months.

 

 

Was this article helpful?
0 out of 0 found this helpful