At Amperfii, we take security very seriously. Our product has been built according to industry-leading standards, and we are continually auditing and evolving our platform to stay ahead of the curve. Find out more about...
Product Security & Reliability
SSO
Amperfii offers SAML Single Sign-on (SSO) to allow admins to determine who has access to Amperfii from your existing identity provider/SSO solution.
Password and Credential Storage
Amperfii enforces a password complexity standard, and stores credentials using a password-based key derivation function (PBKDF).
Role-Based Access Controls
Access to data within the Amperfii application is governed by role-based access controls (RBAC). The roles available are as follows:
- Admin Access - Users with Admin Access can change all application settings and manage all workspaces.
- Workspace Full Access - Users with Full Access within a workspace are able to manage all data and user access within that workspace.
- Workspace Edit Access - Users with Edit Access within a workspace are able to manage all opportunities within that workspace.
- Workspace Comment Access (Coming soon) - Users with Comment Access will be able to add commentary on opportunities within the assigned workspace.
- Workspace Read-Only Access - Users with Read-Only Access will be able to view all opportunities within the assigned workspace.
IP Whitelisting
Amperfii can be configured to only allow access from designated IP address ranges. These restrictions can be applied to all users.
Cloud Security
Amperfii’s security and availability architecture is built on top of ISO 27002:2013 controls and SOC 2 Focus Points to enable best practice protection controls, implemented based on industry standards.
Physical Security & Data Hosting
Amperfii uses AWS data centres in Australia. The services and data are hosted in Amazon Web Services (AWS) facilities in Sydney, Australia.
Logical Access
Access to the Amperfii Production Network is restricted on an explicit need-to-know basis, follows the principle of least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the Amperfii Production Network are required to use multiple factors of authentication and complete extensive background checks, along with many technical and administrative controls.
Failover and DR
Amperfii was built with disaster recovery in mind. All of our infrastructure and data are spread across 3 AWS availability zones and will continue to work should any one of those data centres fail.
Backups and Monitoring
On an application level, Amperfii produces audit logs for all activity, ships logs for analysis and uses S3 for archival purposes. All actions taken on production consoles or in the Amperfii application are logged.
Permissions and Authentication
Access to customer data is limited to authorized privileged employees who require it for their job responsibilities. Amperfii runs a zero-trust corporate network. We have SAML Single Sign-on (SSO), 2-factor authentication (2FA), and strong password policies on Okta, GitHub, Google, AWS, and Amperfii to ensure access to cloud services is protected.
Encryption
All data sent to or from Amperfii is encrypted in transit using 256-bit encryption. Our API and application endpoints are TLS/SSL. We also encrypt data at rest using an industry-standard AES-256 encryption algorithm.
Pentests & Vulnerability Scanning
Amperfii uses third-party security tools to continuously scan for vulnerabilities. Annually we engage independent third-party security experts to perform detailed penetration tests on the Amperfii application.
Security Incident Response
In case of a system alert, events are escalated to Amperfii providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.
Application Security
Amperfii practices extensive processes and controls to ensure application security. All Amperfii engineers utilize common best practices defined by standards like OWASP, NIST and CIS Benchmark.
Framework Security Controls
Amperfii leverages modern and secure open-source frameworks with security controls to limit exposure to OWASP Top 10 security risks. These inherent controls reduce our exposure to SQL Injection (SQLi), Cross Site Scripting (XSS), and Cross Site Request Forgery (CSRF), among others.
HR Security
At Amperfii we ensure that our employees adhere to the highest security standards by implementing extensive employee background checks and multiple administrative controls.
Policies
Amperfii has developed a comprehensive set of security policies based on ISO 27002:2013 ISMS framework and SOC 2 Trust Criteria Focus Points. These policies are updated frequently and communicated to all employees.
Employee Screening
Amperfii performs background checks on all new employees in accordance with local, federal and state laws applicable to our business. The background check includes employment verification, criminal checks, credit checks, deeper historical references and education verification.
Confidentiality
All employee contracts include a confidentiality agreement.
Compliance
Amperfii has built its Information Security Management System on top of ISO 27002:2013 controls and SOC 2 Focus Points to ensure the best practice protection controls are implemented based on industry standards and we are compliant with applicable local, federal and state regulations, as well as industry standards.
PCI-DSS
Access to the Amperfii Production Network is restricted on an explicit need-to-know basis, follows the principle of least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the Amperfii Production Network are required to use multiple factors of authentication and complete extensive background checks, along with many technical and administrative controls.
Privacy Policy
Amperfii's Privacy Policy can be found here.
Legal Resources
Amperfii's Terms of Service can be found here.
