Security

Your document security is a top priority at Signific. Your business documents contain information that only you and your clients need to see, and we intend to keep it that way. Every day we ensure that our security is parallel with industry standards and compliance.

Software security

Physical Security

Signific data centers (handled by Amazon AWS) are state of the art, utilizing innovative architectural and engineering approaches. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure

Servers and Networking

All servers that run Signific software in production are recent, continuously patched Linux systems. Additional hosted services that we utilize, such as MongoDB Atlas, and others, are comprehensively hardened infrastructure-as-a-service (IaaS) platforms.

Coding and Testing Practices

Signific leverages industry standard programming techniques such as having a documented development and quality assurance processes.

Isolation environments

Signific production services are logically isolated from other Corporate, QA, and Development services.

Customer payment information

Signific uses external secure third party payment processing and does not process, store, or transmit any payment card data maintaining full PCI compliance.

Service levels and backups

Signific infrastructure utilizes many layered techniques for increasingly reliable uptime, including the use of clustering, auto-scaling, load balancing, task queues, and rolling deployments. Daily automated backups of all production databases are made.

Application architechture

The Signific applications are multi-tiered into logical segments (front-end, mid-tier, and database), each independently separated from each other in a DMZ configuration. This guarantees maximum protection and independence between layers.

System monitoring

At Signific, the production application and underlying infrastructure components are monitored 24/7/365 days a year, by dedicated monitoring systems. Critical alerts generated by these systems are sent to 24/7/365 on-call DevOps team members and escalated appropriately to operations management.

Vulnerability testing

Web application security is evaluated by the development team in sync with the application release cycle. This vulnerability testing includes the use of commonly known web application security toolkits and scanners to identify application vulnerabilities before they are released into production.

Get started with Signific today

Get Demo