At Etlworks, we take security and data protection very seriously. The figure below illustrates the layers of security between your data and the bad guys.
Perimeter security addresses security at the periphery of any private network, right where it connects to the public Internet. Firewalls and other elements of the perimeter protection infrastructure enforce access control policies that govern which information enters and leaves the network.
We install and configure the following elements of the perimeter protection infrastructure:
- system firewall.
- reverse proxy server.
- load balancer.
- we use only SSL connections.
- we open only port 443 for inbound traffic.
- we terminate SSL connections on the last element of the perimeter protection infrastructure: the load balancer.
- for inbound and outbound emails, we use a trusted enterprise-level third-party service, with manually-configured spam filters.
Authentication and Access Control
The user must be authenticated to access any of the resources within Integrator, including but not limited to:
- elements of the interface.
- functions, such as the ability to create flows and connections, run flows, etc.
- API endpoints.
Integrator uses JWT-based security, which is completely stateless and does not use sessions or cookies.
Integrator implements role-based access control (RBAC). In Role-Based Access Control, access decisions are based on an individual's roles and responsibilities within the user base.
In Integrator, each user can be assigned only one role.
The following roles are available:
- Administrator - has full control over data, can create, edit, delete flows, connections and formats. Manages users.
- Editor - equal to "Administrator", except that they cannot manage users.
- Executor - equal to "Editor", except that they cannot create, edit, or delete and don't have access to connections and formats.
- Viewer - can only view flows, schedules and execution statistics.
- API User - sees nothing and is only used for authenticating API calls to Integrator's API endpoints, such as the HTTP Listener API.
- strong passwords are enforced.
- JWT tokens are short-lived and automatically expire.
- when a new user is created, a strong password is automatically generated.
- it is required to have a real email address in order to sign up for the service or create a new user.
- the user can only change the password after the first successful login.
We encrypt all sensitive information transmitted to and stored on our servers.
Encryption during transmission
Since only SSL connections to Integrator's back end are allowed - inbound and outbound traffic is automatically encrypted.
Encryption of secure credentials
In Integrator, all passwords, access keys, and other secure credentials are encrypted by a strong encryption algorithm with a 512-bit private key.
Encryption of files
In Integrator, you can configure flows to store all files in the encrypted archive. This policy is not enforced.
Encryption of JWT tokens
In Integrator, JWT tokens are hashed using a strong encryption algorithm with a 512-bit private key.
Application security encompasses measures taken throughout the code's life-cycle, to prevent gaps in the security policies of an application or the underlying system (vulnerabilities) through flaws in the design, development, deployment, upgrade, or maintenance or database of the application.
Static code analysis for security vulnerabilities
Every build of Integrator triggers an automatic run of the static code analyzer, which is configured to identify the maximum number of potential security exploits to the code.
Potentially, security vulnerabilities can prevent completion of a build. If a build is not successful, manual intervention is required, followed by analyzing and fixing the vulnerabilities on a case-by-case basis.
Continuous Integration (CI) and Continuous Deployment (CD)
Every commit to the version control triggers the running of unit tests, and every build of Integrator triggers the running of a comprehensive set of unit and integration tests. About 30% of all tests are dedicated to security.
Any error in any of the tests causes a build to fail. All bugs in the code, as identified by the tests, must be fixed before the build can continue.
Scheduled, bug-free builds will be automatically deployed to designated environments. The deployment is atomic - all or nothing - and must be manually scheduled after the application passes the quality control in the staging environment.
Protection for the API endpoints
All API endpoints in Integrator, including the private ones, are protected by short-lived JWT tokens.
Read more about integrations and APIs.
When you subscribe to our service we ask you to enter contact information, such as a valid email address. We keep it in our database, which is completely isolated from the Internet.
When you place an order with us, we redirect you to our payment gateway provider, where you will continue entering sensitive/credit information over a secure SSL connection.
Important: we don't store credit information on our servers.
Application Data and Credentials
Our data protection policy is very simple - typically we don’t have access to your data at all unless you opt-in to store it on our servers.
- passwords and other secure credentials - we always encrypt them.
- data files which you decide to store on our servers - you have an option to store data in password-protected archive files.
- we never send passwords and other secure credentials to a web browser, so there is no way to view them anywhere in Integrator.
- each client has its own, private and isolated space.
- we monitor and regularly install security patches for all elements of the infrastructure, including our core operating system.
Our monitoring suite is a combination of third-party services and home-grown solutions, based on the industry standard elk stack. It includes the following elements:
- uptime monitoring using uptimerobot.com.
- a health dashboard.
- a logs collection.
In case of downtime or any critical problem in the infrastructure elements, we receive notifications within a few minutes. Our support is able to jump right into the problem and fix it without disturbing the customer's operations. Etlworks is offering different levels of SLA based on your subscription plan.
Our disaster recovery plan includes the following elements:
- daily database backups are shipped to an encrypted Amazon S3 bucket. All subscription plans include this option.
- for customers on our Enterprise subscription plan, we offer a High Availability (HA), zero downtime deployment option.