At Etlworks we take security and data protection very seriously. Figure below illustrates layers of security between your data and the bad guys.
Perimeter security addresses security at the periphery of any private network, right where it connects to public Internet. Firewalls and other elements of the perimeter protection infrastructure enforce access control policies that govern which information enters and leaves the network.
We install and configure the following elements of the perimeter protection infrastructure:
- system firewall.
- reverse proxy server.
- load balancer .
- we use only SSL connections.
- we open only ports 443 and 22 for the inbound traffic.
- we terminate SSL connection on the last element of the perimeter protection infrastructure: load balancer.
- for inbound and outbound emails we use trusted enterprise-level third party service with manually configured spam filters.
Authentication and Access Control
User must be authenticated to access any of the resources within Integrator, including but not limited to:
- elements of the interface.
- functions, such as ability to create flows and connections, run flows, etc.
- api endpoints.
Integrator uses JWT based security, which is completely stateless and does not use sessions or cookies.
Integrator implements role-based access control (RBAC). In Role-Based Access Control, access decisions are based on an individual's roles and responsibilities within the user base.
In Integrator each user can be assigned one role.
The following roles are available:
- Administrator - has full control over data, can create, edit, delete flows, connection and formats and manage users.
- Editor - same as "Administrator", but can not manage users.
- Executer - same as Editor, but can not create, edit, or delete and doesn't have access to connections and formats.
- Viewer - can only view flows, schedules and execution statistics.
- API User - sees nothing and used for authenticating API calls to Integrator's API endpoints, such as HTTP Listener API.
- strong passwords are enforced.
- JWT tokens are short lived and automatically expire.
- when new user is created, the strong password is generated automatically and send to the user's email account.
- it is required to have a real email address in order to sign up to the service or create a new user.
- user can only change the password after first successful login.
We encrypt all sensitive information transmitted to and stored on our servers.
Encryption during transmission
Since only SSL connections to Integrator's back-end are allowed - inbound and outbound traffic is automatically encrypted.
Encryption of the secure credentials
In Integrator all passwords, access keys, and other secure credentials are encrypted by strong encryption algorithm with 512-bit private key.
Encryption of files
In integrator you can configure flows to store all files in the encrypted archive. This policy is not enforced.
Encryption of the JWT tokens
In Integrator JWT tokens are hashed using strong encryption algorithm with 512-bit private key.
Application security encompasses measures taken throughout the code's life-cycle to prevent gaps in the security policies of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance or database of the application.
Static code analyzing for security vulnerabilities
Every build of Integrator triggers automatic run of the static code analyzer, configured to identify maximum number of potential security exploits in the code.
Potential security vulnerabilities can prevent from completion of the build. If build is not successful, the manual intervention is required, followed by analyzing and fixing of the vulnerabilities on case-by-case basis.
Continues Integration (CI) and Continues Deployment (CD)
Every commit to the version control triggers running of the unit tests, and every build of Integrator triggers running of the comprehensive set of unit and integration tests. About 30% of all tests are dedicated to the security.
Any error in any of the tests causes build to fail. All bugs in the code, identified by the tests, must be fixed before build can continue.
Scheduled, bug free builds, are getting automatically deployed to the designated environments. The deployment is atomic - all or nothing, and must be manually scheduled after application passes quality control in the staging environment.
Protection for the API endpoints
All API endpoints in Integrator, including private, are protected by the short-lived JWT tokens.
Read more about integrations and APIs.
When you subscribe to our service we ask you to enter contact information, such as valid email address. We keep it in our database, which is completely isolated from the Internet.
When you place an order with us, we redirect you to our payment gateway provider, where you will continue entering sensitive/credit information over secure SSL connection.
Important: we don't store credit information on our servers.
Application Data and Credentials
Our data protection policy is very simple - typically we don’t have access to your data at all unless you opt-in to store it on our servers.
- passwords and other secure credentials - we always encrypt them.
- data files which you decide to store on our servers - you have an option to store data in the password protected archive files.
- we never send passwords and other secure credentials to the web browser, so there is no way to see them anywhere in Integrator.
- each client has it's own, private and isolated space on our HD volume.
- we monitor and regularly install security patches for all elements of the infrastructure, including core operating system.
Our monitoring suite is a combination of the third-party services and home-grown solution, based on industry standard elk stack. It includes the following elements:
- uptime monitoring using uptimerobot.com.
- health dashboard.
- logs collection.
In case of downtime or any critical problem in the infrastructure elements, we are getting notifications within a few minutes. Our support is able to jump right into the problem and fix it without disturbing customer's operations. Etlworks is offering different levels of SLA based on the subscription plan.
Our disaster recovery plan includes the following elements:
- daily database backups are getting shipped to the encrypted Amazon S3 bucket. All subscription plans include this option.
- for the customers of our Enterprise subscription plan we offer High Availability (HA), zero downtime deployment option.