We’ve built our product according to the highest security standards and offer industry-leading administration and access management tools
Ensuring robust security for user accounts is pivotal within our platform. We’ve implemented stringent authentication practices, encompassing:
Our platform offers robust user authentication methods ensuring top-notch security. With a proprietary username/password mechanism and the option for Two-Factor Authentication (2FA), we prioritize account safety. Our Password Policy mandates strong passwords, and our New User Activation Process verifies accounts via email confirmation.
Moreover, our Single Sign-On (SSO) integration with Enterprise Identity Providers like auth0, Azure AD, and Okta enhances security. Admins can opt for exclusive SSO login, ensuring centralized user management.
Our system incorporates a stringent Login Failure Policy, allowing organizations to set the maximum failed login attempts via the Organization Settings tab, bolstering security measures.
Furthermore, to ensure secure sessions, we enforce both Idle Timeout and Absolute Timeout protocols. Idle Timeout automatically ends sessions following a specified period of inactivity, while Absolute Timeout closes sessions after a predetermined maximum time period, irrespective of activity. These measures protect user accounts and maintain a secure session environment.
Within the Infiterra platform, data access is meticulously regulated through Role-Based Access Controls (RBAC). Various roles such as Billing Agent, Subscription Manager, Buyer, and Cloud Administrator, among others, govern access to data.
Our system offers diverse permission levels for users, ensuring granular control over data accessibility. These permissions are tailored to align with specific roles, enabling secure and structured access to sensitive information within the platform.
At our platform, preserving integrity and securing user interactions is paramount. We employ Google reCAPTCHA Implementation to safeguard the login page, deterring automated submissions from bots that could lead to spam and abuse.
This robust implementation fortifies our login page against unauthorized automated attempts, ensuring a secure environment and bolstering overall platform security.
Infiterra’s security architecture ensures industry-standard protection measures for your data’s safety and reliability.
Our entire infrastructure, hosted on Microsoft Azure in the US and EU regions, boasts advanced security layers. Utilizing robust defenses such as Layer-7 routing, load-balancing devices, network security groups, web application firewalls, and DDoS Protection, we fortify our platform against threats. Our management via Azure portal employs conditional access policies and strong Multi-Factor Authentication (MFA), ensuring secure access.
Endpoint security software secures all platform endpoints. We collaborate with a third-party vendor, maintaining a fully-managed Security Operations Center (SOC) and Managed Detection and Response (MDR)/Endpoint Detection and Response (EDR) as a Service solution. This partnership allows for a 24×7 incident response capability, swiftly identifying, validating, and escalating security incidents within 15 minutes, offering immediate guidance until incident closure.
Our continuous vulnerability scanning program assesses critical assets within our infrastructure daily for network vulnerabilities and weekly for web application vulnerabilities. This proactive approach aims to swiftly remediate and minimize potential threat opportunities.
Quarterly, an independent auditing firm conducts penetration tests on our production environments, focusing on the top-10 OWASP exploits and vulnerabilities. Reports are available upon request and signing of a Non-Disclosure Agreement (NDA).
All data within our platform is stored in MS SQL databases on Azure premium managed disks and Azure Files containers. They are encrypted at rest using Azure storage service encryption (SSE). Additionally, sensitive data is further encrypted within the MS SQL database tables using SQL Server column-level encryption with AES-256, employing certificates to safeguard encryption keys. Secure password hashing with SHA-256 and encryption of data in transit with TLS 1.2 and higher further ensure robust protection of your information.
Virtual Machines & Common Storage:
Enabled Local Backups and Recovery Services Vault in Azure.
Utilize encryption for data in the Recovery Services vault with Microsoft managed keys.
Multiple backup policies based on regions (EU, US) ensure regular full backups, differential backups, and retention periods for various timeframes.
Azure SQL Managed Instance (SQL Databases):
Enabled Automated Database Backups using Azure managed services.
Encryption for all databases using Transparent Data Encryption (TDE) guarantees encrypted database backups at rest.
Different backup policies per region (EU / US) ensure regular full, differential, and transaction log backups with distinct retention periods for short-term and long-term storage.
We prioritize the security and integrity of the Infiterra platform by promptly applying the latest operating system and application security updates/patches.
Automation drives patch management compliance and other repetitive maintenance tasks, ensuring timely and efficient upkeep of our systems.
Enhancing our platform’s robustness through secure practices, including threat modeling, secure coding, meticulous testing, and dedicated oversight throughout our development phases.
Analysis Phase:
Identify Security Requirements & User Stories
Review Security Design & Architecture
Perform Threat Modeling to identify potential threats
Implementation Phase:
Employ secure coding practices, input validation, and output encoding.
Analyze source code pre-compilation to ensure adherence to secure coding policies (SAST).
Conduct line-by-line manual code reviews for compliance and vulnerability identification (Secure Code Review).
Manage Security Risks associated with Third-Party Components through Dependency Analysis.
Testing Phase:
Conduct Manual Security Testing to assess the security of fully integrated code and reveal vulnerabilities.
Employ Automated Security Testing & Fuzzing on integrated code to uncover potential vulnerabilities.
We utilize modern open-source frameworks with built-in security controls. These frameworks effectively mitigate prevalent risks like SQL Injection (SQLi) and Cross-Site Scripting (XSS), enhancing the security layers of our platform.
Our dedicated QA team rigorously reviews and tests our codebase. Specifically focused application security engineers meticulously identify, test, and address security vulnerabilities, ensuring robust and secure applications.
Testing and staging environments are logically separated from production. This strict segregation prevents any use of service data in our development or test environments, maintaining the integrity of sensitive information.
Our proactive Bug Bounty Program encourages users to report security vulnerabilities promptly. This collaborative approach aids in swift issue resolution, prioritizing user data safety and platform security.
Ensuring a robust HR Security framework, featuring comprehensive training, updated policies, and stringent confidentiality agreements embedded within employee contracts, safeguarding sensitive information.
All employees complete Security and Awareness training annually and during onboarding.
Infiterra has developed a comprehensive set of security policies that are updated frequently and communicated to all employees.
All employee contracts include a confidentiality agreement.
Dedicated to protecting data privacy and ownership, ensuring compliance with GDPR and PCI standards, guaranteeing data ownership, secure data handling upon termination, and undergoing regular security audits for transparency and assurance.
Our platform is dedicated to safeguarding personal data within the Infiterra Platform. Specific queries related to GDPR coverage can be directed to our Risk & Compliance Department.
While not required, our platform ensures secure transactions by not storing or submitting credit card information. Payment integrations redirect users to secure payment gateway pages or utilize tokenization for recurring charges.
Customers retain full ownership of data stored in our Platform SQL tables. As per our Data Processing Agreement, customers are the “Data Controllers,” and Infiterra Ltd. or IWCP, LLC are the “Data Processors.”
In case of termination, Platform Customer data is deleted within 30 calendar days, with precautions advised for data backup before deletion.
GDPR Readiness Statement: Our CEO’s statement affirms our readiness and commitment to GDPR compliance.
Privacy & Data Protection Policy: Our Privacy Policy (GDPR compliant) outlines our commitment to safeguarding personal data.
Information Security Policy: Our Information Security Policy defines the guidelines and measures for maintaining information security.
Accelerate your cloud businesses
with cutting-edge automation
Accelerate your cloud businesses
with cutting-edge automation
Sign up for news, updates and insights from our cloud experts
© 2025 Ιnfiterra. Infiterra is a registered EU & US trademark
