Why 450+ Leading Organizations Trust Us
Bananatag takes pride in devoting extensive resources towards network security in order to ensure our customers’ data is safe and sound.
How we protect your data
1. Data Center and Cloud Infrastructure
Bananatag utilizes Amazon Web Services (AWS) for cloud infrastructure hosting and services. AWS is fully compliant with multiple SOC and ISO regulations. Multi-region is supported such that data would not leave your region (if desired).
All of Bananatag’s services are hosted in the Virtual Private Cloud (VPC) and are protected with:
- AWS Web Application Firewall
- Intelligent Threat Detection
- DDos attack Prevention
- Custom configured Security Groups
- Network Access Control Firewall
- Intrusion Prevention Systems
2. Data Storage Security and Backups
- All Bananatag data is stored on highly scalable and secure AWS Aurora databases and DynomoDB, which is encrypted with AES-256 at rest and during transfer.
- ALL network connections in and out of Bananatag are securely encrypted with SSL that has received an A+ grade from a third party.
- Database access passwords are periodically rotated and system passwords are encrypted by and managed with AWS Key Management System.
- Data storages are periodically backed up for recovery.
- Pesudo-anonymous network logs are retained for security auditing, system diagnostics and issue troubleshooting
3. Environment Access Control
A principle of least privilege is employed to all staff and users.
- System level configuration is only performed by AWS Certified Sysop Engineers
- All engineers are required to use multi-factor authentication (MFA) or Single Sign-On for development and system configuration.
- Production environments and data are fully segregated from those of development via software logics
Our unique edge
Bananatag is built around a highly scalable cloud infrastructure which ensures world-class uptime.
- Web applications undergo (and have previously withstood) extensive manual penetration tests by third party vendors (including OWASP guidelines)
- Automated vulnerability scanning is performed for core service and web applications
- Periodic code scans are run before production deployments
- Bananatag utilizes a global content delivery network for consistent performance and availability
- Bananatag offers support for Single Sign-On (SSO) and allows users to be authenticated using your existing federated services:
- SAML, Gmail, Office 365, Azure AD, AD and Outlook
Bananatag is committed to user privacy and is compliant with GDPR.
- Through a proprietary system architecture, pesudo-anonymous and non-personally identifiable data is stored to ensure privacy and compliance.
- Pertaining to the right to be forgotten as defined by GDPR, user data can be removed upon request.