Enterprise Security Checklist

Arjita

Business head
September 22, 2020

Everything you need to know about enterprise security provided by Artwork Flow. Your data safety and security is our primary responsibility.

Database Security

In transit 

Artwork Database secures your data by encrypting data in-transit with Transport Layer Security. Encryption (SSL/TLS) is enforced by default. 

At rest 

Database uses the FIPS 140-2 validated cryptographic module for storage encryption of data at-rest. Data, including backups, are encrypted on disk, with the exception of temporary files created while running queries. The service uses the AES 256-bit cipher included in Azure storage encryption, and the keys are system managed. Storage encryption is always on and can't be disabled.

Backup and Restoration 

The system takes backups at a frequency of every day. Backups are retained for 35 days

Logs 

Every action taken in Artwork Flow Infrastructure is recorded and stored in the form of logs. These logs have information on IP address, who made the request, when was it made and other details.

File storage security

Access and Security

- All the artwork files are stored in a secure S3 bucket on Amazon Web Services (AWS)

- All S3 objects are private by default. In case of Artwork Flow, these objects can be accessed only by the Artwork Flow application layer

Monitoring and Logging of Storage Files

Network Security 

Secured Network at Artwork Flow for your organisation


- All network calls are secured over HTTPS 

- A secured token is used on every API call, this is currently done using JWT

Compliance of best business practices through our service providers 


SOC 2 - Trust

ISO 27001 - Information Security Management

ISO 27018 - Protection of Personally Identifiable Information

PCI DSS - Payment Security

ISO 22301 - Business Continuity


Related Articles