Security

Last updated: June 16th, 2022

This notice describes the security of our platform and services. Please review it carefully.

Hello and welcome at appesco.com! We value your content the most, so rest assured that we have taken all the necessary measures to keep it secure. We comply with the international standards and we keep all your data in safe, highly reliable environments, while also being encrypted, stored in cloud and backed up daily. Our  product consists of multiple layers of defense and we have even established a recovery plan in case of disasters. All our employees are professionals and we want to assure you that your data is safe in our hands, no matter what. Should you have any inquiries, do not hesitate to contact us at [email protected].

appesco.com and security

We here at appesco.com are fully aware of the importance of our customers' data and are fully committed to protecting them, by complying with the highest security standards. It is our utmost priority that our platform is secure and reliable, making ourselves worthy of our customers' trust.

Securing your data

In order to make sure that our goal in securing our customers' data is achieved, we use international standards and certifications, such as ISO 27001, ISO 27018 and OWASP Top 10.

appesco.com makes use of Digital Ocean and Hetzner, where our systems are hosted. These top hosting infrastructures are highly reliable data centers that enable us to keep your data secure and available at all times.

We have also established a disaster recovery plan in order to make sure that your data is kept safe also in case of unwanted events.

Application security

Because securing your data is of great significance to us, we make sure that it is protected through encrypted daily backups. We employ multiple layers of defense mechanisms, such as:

  • Web Application Firewall to protect the application (https://cloudflare.com)
  • Adaptive intrusion detection integrated with Cloudflare
  • Distributed application and databases
  • Restricted firewall to allow communication only with Cloudflare
  • Restricted console (SSH) access to servers
  • 100% ansible (https://www.ansible.com/) configured environment to reduce human error

Content security

At appesco.com, we take all the necessary measures in order for our customers to feel that their data is highly protected. Thus, all the files are stored in DigitalOcean Spaces and all data is stored on encrypted disks, so that it is secure and easily accessible.

Furthermore, access to production environment is restricted and the software is stored on GitHub. In addition to that, the source code is reviewed and production code is separated from the other branches.

Organizational security

appesco.com runs a "bug bounty" program that allows security researchers to identify potential security weaknesses in an ethical way, making us aware of issues that might need to be handled.

Disaster recovery plan

We want to make sure that we are ready to keep your data secure even in less fortunate situations, which is why we have established a disaster recovery plan.

As a guarantee that our security standards are met, the data is backed up daily, is stored in the cloud and is encrypted.

Accessing the data

We know your data is of utmost importance, so we take our duty to protect it very seriously. Our employees are free-lancers, working remotely, so while there are no control systems of their workstations, our production data is accessible only through two-factor authentication and is cloud-stored.