Phenome Networks offers its solution in a secured, cloud-based Software-as-a-Service (SaaS) model in Amazon Web Service (AWS) or as an on-premise installation. Amazon’s servers provide a highly reliable infrastructure utilizing top-class security protocols with daily backups and compliance with international standards. Read more in the AWS overview here and more on security and compliance.
PhenomeOne security protocols
- IDS: Intrusion Detection System that is installed on all PhenomeOne servers, scans all actions that are performed on every server and provides real-time alerts for potential incidents, malware, and any suspicious changes in operating system files.
- WAF: Web Application Firewall that is installed on all web servers and scans all requests (APIs) that are sent to that server. If a request (API) contains unusual and suspicious parameters, it is automatically blocked.
- SSL: communication between client (browser) and server is encrypted. So, for example, if a username and password parameters are sent to a server, they are encrypted to eliminate “middle-man” attacks.
- Vulnerability scan: periodical vulnerability scans of two types: application level and infrastructure level. These scans attempt to penetrate the servers in real-time and report potential risks.
- IP whitelist: restricting IPs that can access the server. Meaning the entire website is accessible only from the customer’s network, and not from any other location (even before user/password authentication).
- SSO (Single Sign-On): PhenomeOne supports authentication using Active Directory or Okta to create a single sign-on mechanism.
- The database is backed up daily and is stored for three months.
- Servers AMI (Amazon Machine Image) are created daily and backup the content of the entire server.
The system offers a dashboard ,allowing the customer’s administrator to manage all user’s information, grant and restrict access to each user or user group.