Security
At Corpora, we take the security and privacy of our users’ data seriously because we know the importance and sensitivity of the data we are trusted with, that’s why we have implemented robust security measures to protect your information and maintain the integrity of our product. This page outlines the key security measures we have in place.
Data encryption at rest and in transit
To ensure the confidentiality and integrity of your information, we have implemented robust in-transit and at-rest encryption measures provided by AWS. In-transit encryption is enforced through industry-standard SSL/TLS protocols, securing data transmission between your device and our servers. For data storage, we utilize AWS services such as Amazon S3 and RDS, which offer server-side encryption. With these measures in place, your data is protected throughout its journey within our platform and while at rest in our storage.
Hosting and data center
Corpora is hosted on Amazon Web Services (AWS) in the United States. Leveraging AWS hosting services, we benefit from advanced security measures such as firewalls, network isolation, and intrusion detection systems, with regular security audits and adherence to industry best practices.
Backup and redundancy
We utilize automated backups. This ensures the durability and availability of your data, reducing the risk of data loss and maintaining continuous access to your information.
Firewall
We utilize the firewall capabilities provided by AWS, which protects our infrastructure against unauthorized access, DDoS attacks, and common web application vulnerabilities. AWS firewall solutions employ rule sets, web ACLs (Access Control Lists), and traffic inspection mechanisms to filter and monitor network traffic.
Corporate security governance
We have implemented comprehensive security governance measures to safeguard our practices. Our approach includes security policies, Least Privilege Access controls, regular risk assessments, and employee training. We regularly evaluate and enhance our security posture through frequent security audits. We closely monitor security events and maintain up-to-date systems with timely patch management.
Least Privilege Access (PoLP)
We adopt the least privilege access approach in our teams. This means that we grant employees the minimum level of access necessary to perform their specific tasks. By strictly controlling access privileges, we reduce the risk of unauthorized actions and enhance overall data security.
Incident Response
In the event of a security incident, we have established an incident response plan to minimize the impact and address the situation promptly. Our team is trained to respond swiftly and efficiently to any potential security breaches, including initiating necessary remediation measures and notifying affected users, if required.
