Security

How does Getapy handle data security and integrity?

Getapy

– All data is located in Canada

– We have implemented PCI guidelines to ensure user anonymity is guaranteed

– We use multiple tiers of proven tools to ensure data generated by users, user information and infrastructure are protected.

Below you will find 2 solutions Getapy uses in the stack:

Keycloak

What is it:

Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code.

 

Main features:

Single-Sign On

Users authenticate with Keycloak rather than individual applications. This means that your applications don’t have to deal with login forms, authenticating users, and storing users. Once logged in to Keycloak, users don’t have to log in again to access a different application.

This also applies to logout. Keycloak provides single sign-out, which means users only have to log out once to be logged out of all applications that use Keycloak.

Kerberos bridge

If your users authenticate to workstations with Kerberos (LDAP or Active Directory), they can also be automatically authenticated to Keycloak without having to provide their username and password again after they log on to the workstation.

– Identity Brokering and Social Login

Enabling login with social networks is easy to add through the admin console. It’s just a matter of selecting the social network you want to add. No code or changes to your application are required.

Keycloak can also authenticate users with existing OpenID Connect or SAML 2.0 Identity Providers. Again, this is just a matter of configuring the Identity Provider through the admin console.

– User Federation

Keycloak has built-in support to connect to existing LDAP or Active Directory servers. You can also implement your own provider if you have users in other stores, such as a relational database.

 

– Client Adapters

Keycloak Client Adapters make it really easy to secure applications and services. We have adapters available for a number of platforms and programming languages, but if there’s not one available for your chosen platform, don’t worry. Keycloak is built on standard protocols, so you can use any OpenID Connect Resource Library or SAML 2.0 Service Provider library out there.

Gatekeeper

You can also opt to use a proxy to secure your applications, which removes the need to modify your application at all.

– Admin Console

Through the admin console administrators can centrally manage all aspects of the Keycloak server.

They can enable and disable various features. They can configure identity brokering and user federation.

They can create and manage applications and services, and define fine-grained authorization policies.

They can also manage users, including permissions and sessions.

– Account Management Console

Through the account management console users can manage their own accounts. They can update their profile, change passwords, and set up two-factor authentication.

Users can also manage sessions as well as view history for the account.

If you’ve enabled social login or identity brokering, users can also link their accounts with additional providers to allow them to authenticate to the same account with different identity providers.

– Standard Protocols

Keycloak is based on standard protocols and provides support for OpenID Connect, OAuth 2.0, and SAML.

– Authorization Services

If role-based authorization doesn’t cover your needs, Keycloak provides fine-grained authorization services as well. This allows you to manage permissions for all your services from the Keycloak admin console and gives you the power to define exactly the policies you need.

Keycloak is also sponsored by Red Hat, one of the most trusted providers of IT services in the world.

GCP – our infrastructure provider, which gives us the following:

Google dedicated security team:

Google employs security and privacy professionals, who are part of our software engineering and operations
division. Our team includes some of the world’s foremost experts in information, application and network security.
This team is tasked with maintaining the company’s defense systems, developing security review processes,
building security infrastructure and implementing Google’s security policies. Google’s dedicated security team
actively scans for security threats using commercial and custom tools, penetration tests, quality assurance (QA)
measures and software security reviews. Within Google, members of the information security team review security
plans for all networks, systems and services. They provide project-specific consulting services to Google’s product
and engineering teams. They monitor for suspicious activity on Google’s networks, address information security
threats, perform routine security evaluations and audits, and engage outside experts to conduct regular security
assessments. We specifically built a full-time team, known as Project Zero, that aims to prevent targeted attacks
by reporting bugs to software vendors and filing them in an external database.

The security team also takes part in research and outreach activities to protect the wider community of Internet
users, beyond just those who choose Google solutions. Some examples of this research would be the discovery of
the POODLE SSL 3.0 exploit and cipher suite weaknesses. The security team also publishes security research
papers, available to the public. The security team also organizes and participates in open-source projects and
academic conferences.

State-of-the-art data centers

Google’s focus on security and protection of data is among our primary design criteria. Google data center
physical security features a layered security model, including safeguards like custom-designed electronic access
cards, alarms, vehicle access barriers, perimeter fencing, metal detectors, and biometrics, and the data center floor
features laser beam intrusion detection. Our data centers are monitored 24/7 by high-resolution interior and
exterior cameras that can detect and track intruders. Access logs, activity records, and camera footage are
available in case an incident occurs. Data centers are also routinely patrolled by experienced security guards who
have undergone rigorous background checks and training. As you get closer to the data center floor, security
measures also increase. Access to the data center floor is only possible via a security corridor which implements
multi-factor access control using security badges and biometrics. Only approved employees with specific roles
may enter. Less than one percent of Googlers will ever set foot in one of our data centers.

Powering our data centers

To keep things running 24/7 and ensure uninterrupted services, Google’s data centers feature redundant power
systems and environmental controls. Every critical component has a primary and alternate power source, each
with equal power. Diesel engine backup generators can provide enough emergency electrical power to run each
data center at full capacity. Cooling systems maintain a constant operating temperature for servers and other
hardware, reducing the risk of service outages. Fire detection and suppression equipment helps prevent damage to
hardware. Heat, fire, and smoke detectors trigger audible and visible alarms in the affected zone, at security
operations consoles, and at remote monitoring desks.

 
