Security

Phenome Networks offers its solution in a secured, cloud-based Software-as-a-Service (SaaS) model in Amazon Web Service (AWS) or as an on-premise installation. Amazon’s servers provide a highly reliable infrastructure utilizing top-class security protocols with daily backups and compliance with international standards. Read more in the AWS overview here and more on security and compliance.

PhenomeOne security protocols

• IDS: Intrusion Detection System that is installed on all PhenomeOne servers, scans all actions that are performed on every server and provides real-time alerts for potential incidents, malware, and any suspicious changes in operating system files.
• WAF: Web Application Firewall that is installed on all web servers and scans all requests (APIs) that are sent to that server. If a request (API) contains unusual and suspicious parameters, it is automatically blocked.
• SSL: communication between client (browser) and server is encrypted. So, for example, if a username and password parameters are sent to a server, they are encrypted to eliminate “middle-man” attacks.
• Vulnerability scan: periodical vulnerability scans of two types: application level and infrastructure level. These scans attempt to penetrate the servers in real-time and report potential risks.
• IP whitelist: restricting IPs that can access the server. Meaning the entire website is accessible only from the customer’s network, and not from any other location (even before user/password authentication).
• SSO (Single Sign-On): PhenomeOne supports authentication using Active Directory or Okta to create a single sign-on mechanism.
• Backup:
  • The database is backed up daily and is stored for three months.
  • Servers AMI (Amazon Machine Image) are created daily and backup the content of the entire server.