Security

Betachon holds security to the highest regard. All software and supporting resources are implemented using best practices in application development for building highly-scalable, highly-available, highly-secure cloud-based applications.

The information below details the security standards and procedures used to protect your information within the Betachon application.

Identity and Access Control

User identities and related access permissions are managed within defined user roles. Invocation and revocation of access permissions is automated and specific to the role granted to each user. User identities are validated using an access policy related to the defined role of a user. The Identify Access Management Service provided by AWS is used to manage identity and access controls.

Penetration Testing

Application penetration testing security audits have been performed by third-party service provider Cigital to demonstrate vulnerabilities and guidance on addressing vulnerabilities to improve application security.

Infrastructure Security

All Betachon services are managed within Amazon Web Services (AWS). Cloud security at AWS is the highest priority. The standards and certifications listed below support the global infrastructure of Amazon’s cloud.

Monitoring and Logging

Internet traffic and resource utilization are analyzed using thirdparty software Amazon Inspector to identify potential application security issues. These resources are integrated into the DevOps processes at Betachon to ensure that security standards and best practices are included with all application features and improvements.

Credit Card Storage and Processing

All credit card numbers are encrypted and stored within Stripe using AES-256 encryption. Stripe is certified to PCI Service Provider Level 1, the highest level of certification available. All information managed by Stripe is protected within the Stripe privacy and security policies and adheres to federal regulations.

ISO 27001

ISO 27001 is the defacto international security standard that specifies security management best practices and compliance.

Data Encryption

Bidirectional encryption of communications between Betachon and external endpoints, including web services and client devices are executed over HTTPS protocol using TLS 1.2. This validates authentication and protects against man-in-the-middle attacks, eavesdropping or tampering with the information related to your Betachon account.SSL certification is provided by Comodo using 256-bit encryption with support for 99.9% of browsers and devices

SAS 70 Type II Audit Completion

Independent auditors certified AWS resources with certification of operational performance and security in safeguarding customer data.

Call Now