Description

This page provides information regarding the security and data storage best practices that SoftLedger follows. Keeping your data secure and available is of top priority. Please contact support@softledger.com if you would like to know more.

 

Security

  • 256 bit encryption.
  • All data is encrypted at rest.
  • Softledger uses TLS1.2.
  • User based permissions based using OAUTHv2.
  • Application only access. Users have no direct database access.
  • The principle of least authority (POLA) is followed for Server/Network/Application access. Employees are given only those privileges necessary to do their duties.
  • Accounts are locked after multiple incorrect password attempts.
  • Multi-factor authentication.
  • Secure password policy focused on length vs complexity as this is a better representation of security(NIST).

Data

  • Hosted on AWS (Amazon Web Services).
  • Multi-region(datacenter) replication.
  • Continuously backed up with a 7 day recovery window.
  • Recovery time of < 24 hours with less than 1 hour of lost data(typically closer to 5 minutes).