What measures does Basecone take to ensure the safety of data and invoices? Given the privacy-sensitive nature of data, security is an ongoing project for our developers. In this blog, we’ll take a look behind the scenes at Basecone to see how we keep your information secure.
How do we deal with security? And what measures do we take to secure your and our data? Given the nature of the data, we take the security and availability of your data very seriously. That means a lot more than just impenetrable walls around our servers and data storage and three firewalls for every possible digital access point that links to our services and data!
No matter how secure Basecone is, real security begins with users
Sadly data security ain’t always pretty: real security doesn’t start with secure software or applications, but with the behaviour of your users. For example, a strong, unique password for Basecone with regular password changes is a significant starting point. Additionally, only having one user per username is another crucial aspect of data security; shared credentials are a safety risk. Luckily, within Basecone, it’s pretty easy to set up a new user.
Would you like to know more? The team of Basecone is here to help you! We’ll provide you with tips for digital security within your organisation, such as two-factor authentication.
An encrypted connection to our application
Just like our website, our application is encrypted with SSL. Make sure your users always check the URL of the login page. For Basecone, this should be https://identity.basecone.com. All entered data (user name, password and firm name) are always encrypted and sent securely. Amazon Web Services (AWS) is our cloud service provider. AWS is wholly focussed on making sure their servers are as secure as possible. Many of the world’s largest online platforms and applications use their services. And just like Basecone, they want to rely on secure cloud servers! Learn more about the compliance of AWS on their website.
Secured storage of data in our application
Basecone uses Elastic Load Balancing of Amazon Web Services (AWS). This gives us out-of-the-box security settings like DDoS protection, SSL Security Protocols and Ciphers. Even our management entry point is secured! All of our servers are within our virtual private cloud (VPC) with network access control lists that prevent unauthorised requests getting to our internal network.
Access to databases in our application
Access to data in the application of Basecone is limited to necessary actions only. Access to the database is logged and controlled, so our customers’ data always resides within this secured environment, even when analysing data or aggregating data for our algorithms.
All Services of Basecone run in the cloud. All our services and your data reside in Amazon Web Services facilities in Frankfurt, Germany. This is mandatory for GDPR compliance: servers that host European data must be placed physically in the EU.
Storage and back-ups
Just like you should back-up your computer regularly, to prepare for a worst-case scenario, Basecone also backups data and databases. Our backup is completed every day. Next to that, we check our processes and backups daily, to make sure there aren’t any problems if the backup needs to be used at any point.
To be prepared for a crash, we automatically take a snapshot of the database each hour. AWS guarantees us these snapshots will be quickly ready for use on another server. In the event of a crash, AWS will switch the database to another server.