Cloud Security

Amperfii’s security and availability architecture is built on top of ISO 27002:2013 controls and SOC 2 Focus Points to enable best practice protection controls, implemented based on industry standards. 

​

Physical Security & Data Hosting 

Amperfii uses AWS data centres in Australia. The services and data are hosted in Amazon Web Services (AWS) facilities in Sydney, Australia. 

​

Logical Access 

Access to the Amperfii Production Network is restricted by an explicit need-to-know basis, utilizes least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the Amperfii Production Network are required to use multiple factors of authentication and complete extensive background checks along with many technical and administrative controls. 

​

Failover and DR 

Amperfii was built with disaster recovery in mind. All of our infrastructure and data are spread across 3 AWS availability zones and will continue to work should any one of those data centres fail. 

​

Back Ups and Monitoring 

On an application level, Amperfii produces audit logs for all activity, ships logs for analysis and uses S3 for archival purposes. All actions taken on production consoles or in the Amperfii application are logged. 

​

Permissions and Authentication 

Access to customer data is limited to authorized privileged employees who require it for their job responsibilities. Amperfii runs a zero-trust corporate network. We have SAML Single Sign-on (SSO), 2-factor authentication (2FA), and strong password policies on OKTA, GitHub, Google, AWS, and Amperfii to ensure access to cloud services is protected.

​

Encryption

All data sent to or from Amperfii is encrypted in transit using 256 bit encryption. Our API and application endpoints are TLS/SSL. We also encrypt data at rest using an industry-standard AES-256 encryption algorithm. 

​

Pentests & Vulnerability Scanning

Amperfii uses third party security tools to continuously scan for vulnerabilities. Annually we engage independent third-party security experts to perform detailed penetration tests on the Amperfii application. 

​

Security Incident Response  

In case of a system alert, events are escalated to Amperfii providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication

channels and escalation paths. 

​

Application Security

Amperfii practices extensive processes and controls to ensure application security. All Amperfii engineers utilize common best practices defined by standards like OWASP, NIST and CIS Benchmark. 

​

Framework Security Controls

Amperfii leverages modern and secure open-source frameworks with security controls to limit exposure to OWASP Top 10 security risks. These inherent controls reduce our exposure to SQL Injection (SQLi), Cross Site Scripting (XSS), and Cross Site Request Forgery (CSRF), among others.