Data and Information
At Rest: Your data only resides in the production environment and is encrypted with AES-256
In Transit: All network communication uses TLS v1.2
Qualys' SSL Labs rated Dojoit’s SSL implementation an "A" on their SSL Server test.
We are using AWS Cognito with SRP authentication, key-exchange protocol, and SHA hash functions.
Our backup processes ensure data and information consistent with the highest standards
Default 35 days point in time recovery feature for database. On request, any day point in time recovery feature for database objects is available
99.99% guaranteed SLA for stored objects
Users are required to validate their accounts via a confirmation code provided in an automated e-mail.
Our cloud provider is Amazon AWS. We utilize a 100% serverless architecture, overlaying, and augmenting AWS compliance and security programs. We designed our architecture to follow international security standards and regulations while protecting confidentiality, data sovereignty, and data privacy regulations. We leverage AWS tools to set up firewall rules, intrusion, and DMZ policies.
We employ AWS CloudWatch for Application and Infrastructure monitoring.
We use several AWS services for logging, including:
AWS X-Ray provides an end-to-end view of requests as they travel through our application, enabling proactive issue identification and resolution
AWS CloudTrail enables governance, compliance, operational auditing, and risk auditing
We work with the following companies and tool systems to store, analyze, and transmit data for our users. They've been carefully vetted for best-in-class privacy, security practices, and compliance practices.
Amazon Web Services
If you have any questions about our security practices, please contact firstname.lastname@example.org.