Codi services operate in a dedicated Amazon Web Services (“AWS”) Virtual Private Cloud. Hosts launch with secure configurations and employ security groups to filter connections. Connections to the Codi services are via secure protocols, e.g. HTTPs (TLS 1.2) and SFTP. Databases that contain user information are encrypted at rest.
Only Codi staff have administrative access to our systems and applications; our hosting provider, Amazon Web Services, does not have access to Codi applications or user data. AWS manages the infrastructure and physical security and allows only strictly limited pre-approved physical access, enforced by mechanisms including access cards and biometric readers. On-site 24x7 security staff monitor the access control systems and video surveillance.
We’re committed to keeping your company’s information safe and secure. To protect data, our information security team:
Protects access to data and infrastructure from abuse and attacks
Implements security best practices early in our design and development processes
Detects, contains, and mitigates threats that have the potential to impact the security, availability, and performance of our infrastructure
For more information on how we use data, see our Information Security Statement.