Our product is hosted on Heroku.
Heroku is a cloud application platform used by organisations of all sizes to deploy and operate applications throughout the world.
The platform allows organisations to focus on application development and business strategy while Heroku focuses on infrastructure management, scaling, and security.
Heroku applies security best practices and manages platform security so customers like clixifix can focus on their business.The platform inherently protects customers from threats by applying security controls at every layer from physical to application, isolating customer applications and data, and with its ability to rapidly deploy security updates without customer interaction or service interruption.
Heroku’s Commitment to Trust.
“Nothing is more important to our company than the privacy of our customer’s data." -- Parker Harris, salesforce.com EVP, Technology.
Trust is a core principle of salesforce.com and Heroku. It’s this commitment to customer privacy and inspiring trust that directs the decisions we make on a daily basis. Trust is the responsibility of each and every employee and one we take seriously.
Security Assessments and Compliance Data Centres
Heroku’s physical infrastructure is hosted and managed within Amazon’s secure data centres and utilise the Amazon Web Service (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards.
Amazon’s data centre operations have been accredited under:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
Amazon Web services (AWS) Security Centre.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. It provides an extremely scalable, highly reliable platform that enables customers to deploy applications and data quickly and securely.
With the AWS cloud, not only are infrastructure headaches removed, but so are many of the security issues that come with them. AWS’s world-class, highly secure data centres utilise state-of-the art electronic surveillance and multi-factor access control systems.
Data centres are staffed 24x7 by trained security guards, and access is authorised strictly on a least privileged basis. Environmental systems are designed to minimise the impact of disruptions to operations. And multiple geographic regions and Availability Zones allow you to remain resilient in the face of most failure modes, including natural disasters or system failures.
The AWS virtual infrastructure has been designed to provide optimum availability while ensuring complete customer privacy and segregation.