Security is always a top priority when you are exposing your application and data to the outside world. While everything resides on your cloud, cloud security becomes even more important.
We did a lot of research to think about all the security aspects of cloud, what all measures should be taken to keep a cloud secure. Not only did we implement security metrics on PowerBoard, we also ensured that your data stays secured on our application. took care of your cloud data security on our servers.
PowerBoard focusses on taking away your cloud security worry along with several other worries and we made sure that you are at peace knowing your workloads, data is secured with PowerBoard.
Once you sign up on PowerBoard, you will be asked to authenticate your cloud account so that PowerBoard can start fetching the data. While we fetch your data from your cloud account, we take care of its security at our end as well.
Understand PowerBoard’s Architecture of the application
- Application: PowerBoard is built primarily on AWS cloud platform, using serverless architecture. Some modules, however, are built on Microsoft Azure and Google Cloud Platform as well. technologies along with extensive use of Lambda while written in Python. And the frontend is developed using AngularJs, Typescript.
- Infrastructure: There are a total of 3 environments, namely development, staging and production. All the environments are hosted on AWS cloud platform, with some modules hosted on Microsoft Azure and Google Cloud Platform as well. Policies are in place to segregate and control access to each environment, following the principles of “least privilege” access only.
How secure is the data on PowerBoard?
- PowerBoard has read only access to your cloud account through the IAM role it creates during the customer on-boarding process. It collects data related to resources, such as billing and usage data for resources that are provisioned along with services that are used in your cloud account. It does not have access to any data that is stored in any storage services on your cloud account including any data or configuration for any of the servers or resources in your cloud account. PowerBoard also does not have access to any data stored or operating system in any of the servers in your cloud account.
- All data stored for PowerBoard is encrypted.
- Customer data is only stored in the production environment and it is never replicated or transferred out of the production environment.
How access to PowerBoard is controlled?
- All customer data is always secured and protected through automated security controls. Customer data, servers and other services in the production environment are accessible only to a handful of Loves Cloud’s employees, who are experienced, authorized and highly qualified to understand the sensitivity of customer data and its usage.
- All access is secured either through roles or through multi factor authentication for increased security.
- All access activities details to production systems are logged, monitored and audited periodically to ensure continuous compliance of access control policies. Access credentials are rotated on a predefined frequency.
To know more, understand in detail you can also go through our security policy as well.