...
In the case of AWS, we recommend creating a brand new account and adding it to your organization at AWS. VXG will only have access to this isolated account dedicated to Cloud VMS.
Data transfer
All off-premises network protocols are TLS encrypted:
WSS (Web Socket Secure),
RTMPS (Real-Time Messaging Protocol Secure)
WebRTC (Web Real-Time Communication)
HTTPS (Hypertext Transfer Protocol Secure)
Data security
Optionally, the cloud storage can be encrypted – a feature provided by the cloud storage providers.
VXG uses AWS that meets high industry standards for data security, disaster recovery, physical and privacy, including ISO 27001, SSAE16/ISAE 3402 Type II: SOC 2, and SSAE16/ISAE 3402 Type II: SOC 3 certifications. See AWS Cloud Security for more information.
Data encryption
The stored data is encrypted using the cloud storage provider.
In the case of AWS S3 storage, AWS offers several options for data encryption. See https://docs.aws.amazon.com/AmazonS3/latest/userguide/serv-side-encryption.html for more information.
Penetration tests
The platform has passed a professional penetration test. The test was carried out as a grey box penetration test.
Methodology.
We ensure to use only current technologies, tools and follow best practices for penetration testing. Additionally, all work is done completely independently to ensure the best quality is reached and a deep security assessment is done. All tests are guided and inspired by the OWASP Testing Guide and Open Source Security Testing Methodology Manual (OSSTMM) to reach the highest standards.
Tools
The list of tools is available upon request.