Your security is our highest priority.
Physical & Network Security
All customer data is hosted on Amazon’s AWS platform and infrastructure and meets the highest global standards. Yuvo employees have no physical access to this production environment.
Here are more details about the security setup of AWS.
In addition to physical security, the AWS platform also provides significant protection against traditional network security issues on the infrastructure such as Distributed Denial Of Service (DDoS) or Man In the Middle (MITM) attacks
Administrative privileges are restricted to select employees and subject to our highest levels of internal security. We follow the standard security best practice of granting least privilege.
Each login is identified by a user, whose access to our servers requires SSH keys and is closely tracked. To ensure higher security only restricted IPs are allowed to access our servers.
Hosts are segmented and access are restricted based on functionality. That is, application requests are allowed only from AWS ELB and database servers can be accessed only from application servers and some restricted IPs.
Our application servers can be accessed only via HTTPS. All client data from login to logout is encrypted using the highest encryption standards available.
Common attacks protection
We follow best practices and rely on latest security features of our web application framework (Django) to protect our users against severe security threats such as:
- Cross site scripting (XSS)
- Cross site request forgery (CSRF)
- SQL injection
Vulnerability Scanning & Patching
Yuvo constantly checks for vulnerabilities and patches them appropriately.
Data Storage & Redundancy
All our data is hosted on Amazon’s RDS with automated backup feature enabled.
Our security team constantly monitors our servers through internal and external services and is immediately notified in case of any anomalies.
While your security is our highest priority, as a young company we might have overlooked some of your security concerns. In such case, your feedback will be invaluable. Please reach us on firstname.lastname@example.org.