Security of our customers’ data is our top priority. We implement protective measures to prevent unauthorized access to our databases, computers, and servers.
All information stored in Aumtics remains your property. We are dedicated to ensuring that your data is not accessed, shared, or viewed without your explicit permission.
Data security means protecting your digital data, such as that stored in databases and data centers, from accidental or intentional destruction, modification, or unauthorized access. In today’s world, where businesses are managed via internet and cloud-based services, it’s crucial to understand how data is stored, moves across networks, and is used to enhance operations. Ensuring data security is vital to prevent breaches and maintain the integrity and confidentiality of sensitive information.
How Do We Keep Your Data Secure?
At Aumtics, we prioritize the data security of all our customers by implementing robust digital privacy measures to prevent unauthorized access to our databases, computers, and servers. The discretion to share private information rests solely with our end users, and Aumtics does not use or share the entered information elsewhere.
We do not collect sensitive information such as credit card or payment details on our website. None of the data collected from you is stored locally or altered in any way.
All Aumtics services are hosted on Hostinger Virtual Private Servers (VPS) Cloud facilities and infrastructure, ensuring no Aumtics employee has physical access to the Hostinger VPS Cloud.
Hostinger VPS services prioritize cloud security, and Aumtics upholds these standards by hosting all our production databases and servers on Hostinger VPS. This ensures we meet core security and compliance requirements, including data locality, protection, and confidentiality. These stringent measures protect against traditional security threats such as DoS attacks and data sniffing. Additionally, we employ a web application security filter to prevent Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), SQL Injection, and HTML Injection.
Logical Access Control and Host Security
We mandate two-factor authentication and secure keys for all Aumtics employees to access the Hostinger VPS console, preventing unauthorized logical access or security breaches of Aumtics services hosted on Hostinger VPS.
All services hosted on Hostinger VPS are configured to be accessible only from static office IP addresses, preventing external unauthorized attempts to hack our databases or production servers.
Restriction over Administrative Operations
Within Aumtics, administrative privileges for Hostinger VPS configurations, databases, servers, and hosted services are granted only to select employees. Role-based access configuration ensures employees gain operational access only within their authorization limits.
All administrative operations are documented, reviewed, and tested on stage before implementation in production. Administrative actions are logged automatically. Encryption keys and shared secrets are accessible only to authorized system administrators.
Application Security, Backup, and Monitoring
• Aumtics applications run on HTTPS, using industry-standard encryption for data transmission.
• Regular VAPT tests are conducted on Hostinger VPS services and Aumtics applications, with vulnerabilities promptly addressed and systems updated with the latest service packs and security patches.
• Sensitive fields in testing and development databases are masked, and sensitive information is stored in encrypted format.
• Aumtics file store, queue data, and production SQL databases are hosted on Hostinger VPS, complying with stringent security standards and secure key management practices.
• All requests to production servers and databases are logged for quick anomaly detection.
• Production database data is backed up every 24 hours, with a seven-day backup maintained.
• All passwords for operating systems, applications, databases, network, and security devices are stored in hashed format (one-way encryption).
Key Management Processes
• Implementing control procedures for distributing, storing, archiving, changing, and updating keys.
• Recovering, revoking, destroying, and managing compromised keys.
• Logging all transactions associated with keys.
Disclosure
We are dedicated to making our systems foolproof and achieving SOC2 security compliance standards. Aumtics is committed to informing its customers promptly in the event of a data breach or security attack that causes an application outage. To report a security concern, please email security@aumtics.com. We aim to address all security questions and issues within two working days.
© 2024 Aumtics Technologies. All Rights Reserved.