IT Infrastructure & Security Practice
CROSStrax uses Amazon Web Services (AWS) for its IT infrastructure. We provide a cloud environment suited to the needs of the Private Investigator (PI) industry, and we use a virtual private cloud (VPC) for secure infrastructure. We strictly follow SaaS security practices, from secure product engineering, deployment, and audits to regular SaaS security assessments. We enforce strict access control for AWS services and resources, and the default behaviour is to block all access except what each service needs. For example, on the web server all non-HTTP ports are blocked.
On Amazon Web Services (AWS), the network layer provides significant protection against traditional network security issues such as Man-In-The-Middle (MITM) attacks, IP spoofing, port scanning, packet sniffing, etc.
The CROSStrax AWS infrastructure is designed for high availability. We use a multi-region, multiple-availability-zone setup for 100% uptime of all resources. We have autoscaling automation in place so that all web services scale in real time for any spike in user traffic or heavy load.
User-level data security
To ensure compliance with internal and external data security, we have additional protective layers with user-level data security. We provide role-based access control features, allowing user-specific access and editing permissions for data.
Data in transit is 100% encrypted end to end (TLS)
To ensure the highest level of security, all interactions with servers happen over SSL transmission only. TLS is used everywhere, including internal server-to-server communication.
Encourage complex passwords
We require users to create passwords that meet complexity criteria: minimum length, special characters, and mixed-case letters.
Enable and Enforce Two Factor Authentication
CROSStrax allows users to enable two-factor authentication. The user receives a One Time Password (OTP) by email and validates it for an additional layer of security.
All data is stored securely, and all account credentials, sensitive data, and personal data are stored encrypted in the system. Passwords are stored using a non-recoverable hash method.
Vulnerability testing is rigorous and ongoing.
We perform a comprehensive vulnerability assessment every three months.
We run detailed monitoring that alerts us when unexpected events occur, such as remote connections from new IP addresses, high network throughput, high CPU, new processes running on servers, etc.
We back up all data daily, and data change logs are stored so that we can perform a point-in-time restore with a maximum of 5 minutes of data loss in case of a major disaster.