Data Security and Technology

Introduction

Software-as-a-Service, or SaaS, has become a business model as well as an application delivery model. SaaS offers the unique quality of multitenancy, which primarily differentiates it from the application service provider (ASP) model or from in-house applications. With SaaS, just one software instance can serve many customers (or tenants).

SweldoMo takes data privacy very seriously and will always strive to ensure the proper handling of information to protect the privacy and integrity of customer data.

Physical Security

Data Centers

SweldoMo’s infrastructure relies on Amazon Web Services (AWS), the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally. AWS has the most extensive, reliable, and secure global cloud infrastructure.

Amazon Web Services (AWS) meets a broad set of international and industry-specific compliance standards, such as General Data Protection Regulation (GDPR), ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards, including Australia IRAP, UK G-Cloud, and Singapore MTCS.

Rigorous third-party audits verify AWS's adherence to the strict security controls these standards mandate.

Redundancy

SweldoMo’s servers are located in different Availability Zones (AZs). Each Availability Zone is composed of one or more discrete data centers with redundant power, networking, and connectivity in an AWS Region. AZs give customers the ability to operate production applications and databases that are more highly available, fault tolerant, and scalable than would be possible from a single data center. Our application is partitioned across AZs, isolated and protected from issues such as power outages, lightning strikes, tornadoes, earthquakes, and more. Each AZ is physically separated by a meaningful distance, many kilometers, from any other AZ, although all are within 100 km (60 miles) of each other.

AWS ensures 99.99% uptime.

Every Amazon EBS volume that is provisioned will be automatically replicated to other storage devices in the same Availability Zone inside the AWS region to offer redundancy and high availability (guaranteed 99.999% by Amazon).

Network Security

Secure Web Communication

SweldoMo implements SSL technology, consisting of a public key and a private key, to protect sensitive information. All communications with SweldoMo servers are encrypted using industry-standard HTTPS over public networks. This ensures that all traffic between SweldoMo and its users is secure during transit. Additionally, for email, SweldoMo supports Transport Layer Security (TLS), a protocol that encrypts and delivers email securely, mitigating eavesdropping and spoofing between mail servers.

Secure Server Access

All servers in SweldoMo’s fleet implement the SSH protocol. The SSH protocol (also referred to as Secure Shell) is a method for secure remote login from one computer to another. It provides strong authentication, and it protects the security and integrity of communications with strong encryption.

Data Storage

SweldoMo customers share the network security infrastructure, Web servers, and application servers, but each is assigned a unique database to address information privacy concerns and current regulations. This separation of customer data not only satisfies the regulations but also gives customers peace of mind.

Backup and Restore

SweldoMo runs a full backup daily and incremental backups on an hourly basis.

Data Encryption

SweldoMo utilizes AWS EBS encryption. Encryption operations occur on the servers that host EC2 instances, ensuring the security of both data-at-rest and data-in-transit between an instance and its attached EBS storage.

Data Privacy

SweldoMo is committed to protecting the personal and sensitive information of customers by providing companies proper guidelines for handling user data. As part of its compliance with Philippine laws and Department of Labor and Employment (DOLE) standards, SweldoMo strictly adheres to the Data Privacy Act of 2012 and ensures the application of industry best practices to comply with these legal requirements.
