Basecone takes the security and availability of your data very serious and we respect your privacy. This is on top of our mind, day in and day out. There are many procedures and measurements that we have put in place to ensure your data is secure, handled with care and is available for our users.
On this page we tell you more about various topics related to security, availability and privacy. We recommend you to read our Terms and Conditions and Privacy Statement, to get a better understanding and background of our Application(s).
Our infrastructure
- All our services and all of your data – in production – reside in Amazon Web Services (AWS) facilities in the European Economic Area (EEA), where we use various ‘zones’ (availability zones) to ensure we are available for you when one of the zones fails.
- All Services of Basecone run in the Cloud. Basecone uses Elastic Load Balancing of AWS to adjust to traffic demands, this means that depending on the demand of https://secure.basecone.com the entry point adjust sizes to fit our customer’s demand. This gives us out-of-the-box security settings like DDoS protection, SSL Security Protocols, Cyphers and Options.
- All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACL’s) that prevent unauthorized requests getting to our internal network.
Automation of build and release
- We have daily releases without downtime and a bi-weekly maintenance window with downtime on a Thursday night, outside business hours. Major builds are released every two weeks and announced on our knowledge base.
- We have many unit and integration tests in place to ensure Basecone works as expected. These tests are run every time our codebase is updated and even one single test failing will prevent new code being shipped to production.
Our levels of service
- Please refer to our SLA where we have documented what you can expect of Basecone at certain moments.
- Our availability is measured continuously and reports are available on our login page.
- Daily backups and hourly snapshots prevent any loss of data.
- In case of incidents, we report this on our status page.
Your data
- All customer data is stored at AWS in the European Economic Area (EEA).
- Customer data is stored in our database and file servers, we do not have individual datastores for each customer. However strict privacy controls exist in our application code to ensure data privacy and prevent one customer from accessing other customers data.
Application monitoring
- We use New Relic and AWS native tools for application, server and service monitoring. Also 3rd parties monitor our endpoints to ensure if a problem arises, we detect it early and advise our customers.
- All user activity is logged and these logs are stored in a separate system and cleaned daily.
- We use a Bastion host to log into each server. The IP and login details are stored for traceability.
Security audits
- Basecone is part of the Wolters Kluwer company which ensures our application to be internally audited – on a yearly basis – by an independent Security Audit Department. This means they audit our source code, access our control framework, but are also actively engaged during the development process to ensure security at all levels of the application.
- Auditing allows us to do ad-hoc security analysis, track changes made to our setup and audit access to every layer of our stack.