
Equip ID Security and Data Protection

Overview

The Equip ID SaaS web platform and mobile app have been designed with performance, scalability, data protection, security, and continuity in mind to satisfy the strict requirements of leading global brands.

Our web platform requires a standard browser without the need for any third-party plug-ins or unusual configurations. Our mobile app is available for iOS and Android devices. It can be downloaded from Apple App Store or Android Play Store worldwide.

Infrastructure

Equip ID utilizes a hybrid-cloud configuration using best-of-breed cloud platforms - Amazon Web Services and Linode. This configuration allows us the flexibility to scale the applications based on our clients' needs. All software updates to the underlying servers are performed based on the recommended schedules by our DevOps team with no downtime.

Performance and Scalability

Equip ID applications are thoroughly tested by our QA team prior to each release for performance and scalability. Production environments are monitored 24/7/365 to ensure no slowdowns or errors occur. With the hybrid-cloud configuration, we are able to quickly and automatically scale the applications to meet the demands of our clients.

Data Protection

Equip ID utilizes PostgreSQL with sensitive data, such as passwords, encrypted at rest using the BCrypt algorithm. All data in transit between our servers are encrypted using AES-128 and RSA-2048 encryption standards. In addition, the information flowing between our servers and the web browsers of our users is encrypted utilizing strong 256-bit SSL encryption by Sectigo RSA.

Data segregation is achieved on the business logic layer. Each database table contains the ID of a specific client, and each SQL query checks to ensure that a user receives or modifies only the information she has permissions to see or change.
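The following added example (not Equip ID's own code) shows one way to enforce this kind of business-logic-layer segregation: a data-access object bound to a single client ID that adds the client filter to every statement, so a row owned by another client is neither returned nor modified. The `assets` table, its columns, and the `TenantScopedAssets` class are hypothetical, and SQLite stands in for PostgreSQL so the example runs offline.

```python
import sqlite3


class TenantScopedAssets:
    """Hypothetical data-access layer bound to one client (tenant)."""

    def __init__(self, conn, client_id):
        self._conn = conn
        # Assumption: client_id comes from the authenticated session,
        # never from a request parameter the user controls.
        self._client_id = client_id

    def list_assets(self):
        cur = self._conn.execute(
            "SELECT id, name FROM assets WHERE client_id = ? ORDER BY id",
            (self._client_id,),
        )
        return cur.fetchall()

    def get(self, asset_id):
        # The row ID alone is never enough: the client filter is always applied.
        cur = self._conn.execute(
            "SELECT id, name FROM assets WHERE id = ? AND client_id = ?",
            (asset_id, self._client_id),
        )
        return cur.fetchone()

    def rename(self, asset_id, new_name):
        cur = self._conn.execute(
            "UPDATE assets SET name = ? WHERE id = ? AND client_id = ?",
            (new_name, asset_id, self._client_id),
        )
        self._conn.commit()
        # Zero affected rows means the asset is missing or belongs to another client.
        if cur.rowcount != 1:
            raise PermissionError("asset not found for this client")


def build_demo_db():
    """Constructed sample data: two clients (10 and 20) sharing one table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE assets (id INTEGER PRIMARY KEY, "
        "client_id INTEGER NOT NULL, name TEXT NOT NULL)"
    )
    conn.executemany(
        "INSERT INTO assets (id, client_id, name) VALUES (?, ?, ?)",
        [(1, 10, "Forklift A"), (2, 10, "Generator B"), (3, 20, "Crane C")],
    )
    conn.commit()
    return conn
```

Routing every query through an object like this makes an unscoped statement a visible code-review finding rather than a silent omission.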

Security

Equip ID designed an infrastructure to ensure the highest level of security. State-of-the-art firewalls and intrusion detection systems prevent unauthorized access to our servers. Internally, only a limited number of DevOps have access to sensitive information. In addition, we perform quarterly vulnerability assessments to stress-test our systems.

Access to the Equip ID web app and the mobile app is based on the combination of an email and a strong password. Users are able to reset their passwords via a link sent to their email address. At no time are passwords sent in emails as clear text. Administrators can set a temporary password that the user is forced to change upon their first login. Passwords are encrypted in the database and are not visible to anyone, including our own system administrators or developers.

Continuity

Equip ID performs daily backups of all the information residing in our database. Other data, such as images and files, are stored in redundant systems on Amazon Web Services. Backups are automatic and run on the following schedule:

  • Daily Backup - automatically initiated daily; lasts for 24 hours; gets overwritten by the next successful Daily Backup

  • Weekly Backup 1 - automatically initiated every other week; lasts for 14 days; gets overwritten by the next successful Weekly Backup 1.

  • Weekly Backup 2 - automatically initiated on the alternate weekly schedule; lasts for 14 days; gets overwritten by the next successful Weekly Backup 2.

Our DevOps team monitors the performance of our systems and is on standby 24/7/365 in case of system outages. Response times, availability objectives, and support procedures are described in the SLA section of our contracts.

Our Recovery Point Objective (RPO) is 24 hours and our Recovery Time Objective (RTO) is 48 hours. Our mobile app is capable of operating off-line, retains the data locally, and automatically synchronizes the local data with the servers when the connection is established and verified.

Bullet points

  • Hosted on best-of-breed cloud platforms (AWS and Linode)

  • Security patches and software updates monitored and installed

  • Sensitive data encrypted at rest (BCrypt)

  • All data encrypted in transit between servers (AES-128 and RSA-2048)

  • Utilizing strong 256-bit SSL encryption for web browsing (Sectigo RSA)

  • State-of-the-art firewalls and intrusion detection (Ubuntu EFW, Fail2Ban)

  • Quarterly vulnerability assessments (OpenVAS)

  • Automated backups (Linode)
