Is Supplios secure?
Please see an updated and more detailed version of this article here: https://support.supplios.com/article/138-supplios-it-infrastructure-and-security-overview
Supplios is built on a modern, stable & secure tech stack, with your company's data security as a top-level priority from day one.
By using Supplios as a critical piece of your supply-chain infrastructure, our team is well aware that you are counting on us to keep things secure, keep thing running, and keep things confidential. We don't take these things lightly, and it impacts many decisions we make internally -- technically and otherwise -- to not cut corners, use only trusted technologies and partners, and always think of things from the standpoint of our customers.
While it would take quite a while to go through all security and dependability-related features and questions, here are a few things worth highlighting:
- The vast majority of Supplios infrastructure (including all company data and file uploads) is hosted by AWS (Amazon Web Services) - the leading global cloud provider with a strong record of security and dependability. All infrastructure is operated in dedicated VPCs with highly restrictive firewall and access control rules.
- All company/user data and files are encrypted -- both while in transit (between your computer and our servers), and while at rest (while stored on the servers).
- Established processes and procedures are in place for disaster recovery, including frequent backups, multi-zone database redundancy, and high-availability server configurations.
- All passwords are stored hashed and salted, using the latest industry-standard hashing algorithms.
- Object-level, deny-by-default authorization permissions on all key database records.
- Secure authentication practices - including secure, HTTP-only session cookies, short-lived and cryptographically-signed user invitation tokens, and more.
If you have any questions or concerns about security practices at Supplios, please contact our team.
If you believe you have uncovered a security vulnerability, please contact our response team at security@supplios.com.