The security of your company's data is of paramount importance to us.
All aspects of the RD Relief technology have been developed and maintained to the highest possible standards, the technical details of which are outlined below.
Compromised Password Prevention
In many secure login systems, if your password is exposed or guessed, your data is compromised.
This is not the case at RD Relief. If you choose (at no additional cost), we can restrict all access to your data to specific IP addresses, which can easily be modified at any time. This means that to log into the cloud, you need to be accessing the system from a pre-authorised address (this can include home addresses if required). Hence, even in the event of a compromised password, your data would still be safe.
All application and database servers are hosted within Amazon Web Services (AWS). This is globally recognised to be one of the most secure hosting platforms available today, and as such is used by government, intelligence, and defence agencies around the world.
All data is stored in a PostgreSQL database instance. The database has been provisioned within AWS RDS and is automatically updated with the latest security patches on a weekly basis (a 60-minute maintenance window at 1 am on Saturday morning, to limit service disruption).
All data is encrypted with the industry standard AES-256 encryption algorithm.
Additionally, all passwords are hashed with the SHA-256 hashing algorithm combined with a static salt and an 8-byte random dynamic salt.
Application Level Security
The application utilises Java 8 with Spring Security 5. All minor versions are frequently updated (please let us know if you want to know the precise current versions).
Apache Tomcat 8 is used as the application container. This again has been provisioned within AWS with all the latest security patches applied during the weekly maintenance window.
All platform endpoints have been thoughtfully architected and rigorously tested, to ensure that only authorised users with the necessary privileges can access each page.
Upon login, all traffic is encrypted in transit via SSL (Secure Sockets Layer).
Firewalls have been provisioned through AWS to prevent web exploits that could affect application availability or compromise security.
Physical Location of the Data
All data will be held within the AWS UK instance - your data will never leave the UK.
This AWS region is designed and built to meet rigorous compliance standards including ISO 27001, ISO 9001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, and PCI DSS Level 1.
Please contact us with any specific questions or concerns, and our security architect will get back to you ASAP.