At Managed Functions, we're committed to providing our customers with a reliable, secure Managed Functions. The design philosophy behind managed functions is they have as few moving parts as possible and the smallest attack vector possible. To achieve this:
- A single managed function moves each type of data onto the data storage with our cloud provider
- Data is stored using each cloud provider’s secure data storage framework and locked down using the cloud provider’s best practices
- If a managed function requires a public-facing API then the API is secured using the best practices of the cloud provider and locked down to the customer’s IP addresses where possible. This design allows a specialist third-party to cost-effectively validate the controls in place prior to moving into production. We arrange this for each customer that requests it.
We've partnered with Amazon Web Services (AWS) (opens in a new tab) which provides the hardware and infrastructure to support our Managed Functions. AWS was launched in July 2002 and is the most popular on demand infrastructure for commodity computing and virtual secure storage on the planet.
With AWS providing the physical hosting infrastructure, Amazon enforces physical security through a variety of methods as covered in their Security Whitepaper (opens in a new tab). The buildings, servers, and infrastructure of Amazon’s services is the same as their multi-billion dollar AWS retail business, so you can be assured that your application and data are secure.
We encrypt all communication between customers and our data center using high-grade encryption (AES-256 256 bit). Access to Managed Functions is only available through secure sessions (https) and only available with an authenticated login and password. Passwords are never transmitted or stored in their original form.
No customer can see another customer’s data. Data is stored securely using unique keys for each customer.
In addition to the physical redundancy (network, power) that AWS provides, we have redundant configurations for each component of its infrastructure. All customer data is stored on AWS’s S3 service. The S3 service is then replicated throughout the AWS data centers globally.
We're able to leverage AWS to provide a best in class disaster recovery program. Using AWS services for data storage as described above we eliminate the risk of customer data loss. If the primary hardware for a customer fails, we can immediately switch over to the secondary hardware, which is running concurrently with the primary. If there is a disaster that fails both the primary and secondary servers, we have the ability to failover to other AWS data centers.