8.5. Security and Compliance
Fluix Built-in Storage uses Amazon S3 to store the files. Amazon S3 redundantly stores your objects on multiple devices across multiple facilities in an Amazon S3 Region. The service is designed to sustain concurrent device failures by quickly detecting and repairing any lost redundancy. Amazon S3 also regularly verifies the integrity of your data using checksums. Storage meta-data is stored in Fluix databases. Fluix databases are backed up nightly and the backup is reliably stored for the two weeks.
Fluix Storage Service uses 256-bit Advanced Encryption Standard (AES) encryption for data at rest. The storage employs strong multi-factor encryption. Each document is encrypted using a unique key. As an additional safeguard, the key itself is encrypted with a master key, which is rotated regularly. All requests to storage service need to be signed by the Application Service.
The IT infrastructure that AWS provides to Readdle is designed and managed in alignment with security best practices and a variety of IT security standards, including:
- SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70), SOC2, SOC3
- FISMA, DIACAP, and FedRAMP
- DOD CSM Levels 1‐5
- PCI DSS Level 1
- ISO 27001
- FIPS 140‐2
- MTCS Level 3
In addition, the flexibility and control that the AWS platform provides allows customers to deploy solutions that meet several industry‐specific standards, including:
- Cloud Security Alliance (CSA)
- Motion Picture Association of America (MPAA)
AWS provides a wide range of information regarding its IT control environment to customers through white papers, reports, certifications, accreditations, and other third‐party attestations. More information is available in the Risk and Compliance whitepaper available on the website.
Was it helpful? Feel free to contact us at firstname.lastname@example.org if you have any questions or comments.