At Amperfii, we take security very seriously. Our product has been built according to industry-leading standards, and we are continually auditing and evolving our platform to stay ahead of the curve. Find out more about...
Product Security & Reliability
Application Uptime
Our team provides best efforts to ensure that our subscription service is available to customers for 99.5% of the time.
Authentication
We have work underway (ETA mid-September 2023) to upgrade our authentication infrastructure to provide:
-
SAML Single Sign-on
-
Multi-factor authentication
-
Configurable account lockout functionality
Password and Credential Storage
Amperfii enforces password complexity standards, and leverages bcrypt hashing in our storage of credentials.
Role-Based Access Controls
Access to data within the Amperfii application is governed by role-based access controls (RBAC). The roles available are as follows:
-
Admin Access - Users with Admin Access can change all application settings and manage all workspaces
-
Workspace Full Access - Users with Full Access within a workspace are able to manage all data and user access within that workspace
-
Workspace Edit Access - Users with Edit Access within a workspace are able to manage all opportunities within that workspace
-
Workspace Comment Access - Users with Comment Access will be able to add commentary on opportunities within the assigned workspace
-
Workspace Read-Only Access - Users with Read-Only Access will be able to view all opportunities within the assigned workspace.
IP Whitelisting
Amperfii can be configured to restrict access to designated IP address ranges.
Cloud Security
Cybersecurity is a continually evolving threat, and so we leverage the NIST Cybersecurity Framework as a foundation for managing and reducing security risks.
Physical Security & Data Hosting
Amperfii’s services and data are hosted in Amazon Web Services (AWS) facilities in Sydney, Australia.
Logical Access
Access to the Amperfii Production Network is restricted by an explicit need-to-know basis, utilizes principles of least privilege, is frequently audited and monitored, and is managed by our company directors.
Access to all digital assets including production infrastructure and services used by the Amperfii team leverages multi-factor authentication. Employees are subject to extensive background checks prior to employment.
Backup and DR
On an application level, Amperfii produces audit logs for all activity, ships logs for analysis and uses S3 for archival purposes. All actions taken on production consoles or in the Amperfii application are logged.
We back up customer data on an hourly basis and are able to recover and restore customer data in a DR event if required.
Permissions and Authentication
Access to customer environments & data is limited to authorized privileged employees who are responsible for managing & supporting customer environments, and protected by multi-factor authentication.
Encryption
All data sent to or from Amperfii is encrypted in transit using 256 bit encryption. Our API and application endpoints are TLS/SSL. All stored customer data is encrypted at rest.
Vulnerability Scanning & Penetration Testing
Amperfii uses third party security tools to continuously scan for vulnerabilities. We engage with independent third-party security experts to perform detailed penetration tests on our application.
Security Incident Monitoring & Response
Amperfii has monitoring in place to detect intrusion attempts across our cloud infrastructure.
In case of an alert, events are escalated to Amperfii providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.
HR Security
At Amperfii we ensure that our employees adhere to the highest security standards by implementing extensive employee background checks and multiple administrative controls.
Policies
Amperfii has developed a comprehensive set of security policies & procedures based on the NIST Cybersecurity Framework. These policies are updated frequently and communicated to all employees.
Employee Screening
Amperfii performs background checks on all new employees in accordance with local, federal and state laws applicable to our business. The background check includes employment verification, criminal checks, credit checks, deeper historical references and education verification.
Confidentiality
All employee contracts include a confidentiality agreement.
Privacy Policy
Amperfii's Privacy Policy can be found here.
Legal Resources
Amperfii's Terms of Service can be found here.
