Security

Data and application security

We protect your data following the latest standards and measures such as:

  • Requiring strong passwords and storing them hashed.
  • Encrypting the communication between Beenia and the user using SSL/TLS.
  • Using servers in Amazon AWS data centres operating under the Privacy Shieldframework. (for more information see above)
  • Data backup – all data are backed up in a data centre.
  • DoS protection – tracks the Beenia app usage intensity for each particular user. In the case of unreasonably high activity, the user will be temporarily blocked.
  • The Beenia team is composed of experienced programmers and technicians.
  • The performance and smooth functioning of the Beenia application are constantly monitored.

We protect payment data

  • all credit card transactions are processed using a secure and verified payment gateway
  • the service provider doesn't have access to the credit card details of the persons concerned

Data backup

  • performing data backups in a data centre
  • testing information system recovery from backup
  • safely storing backups
  • securely deleting personal data from data carriers
  • secure disposal of data carriers

Software and network protection

  • using legal software approved by the service provider
  • regular updates of operating systems, programs, and applications
  • securing the provider's infrastructure by antivirus software for detecting malicious code
  • active firewall for network security and protection
  • web application firewall located inside of the solution infrastructure, which provides protection from attacks and other security threats by filtering, monitoring, and blocking HTTP traffic
  • secure HTTPS connection using the TLS 1.2 protocol with enabled HSTS protocol
  • security headers as a prevention against various attacks
  • encrypting data/communication between Beenia and the user using SSL/TLS
  • pseudonymisation of data (if relevant)
  • regular testing of the online environment

 

Development of the Beenia application

  • development according to the OWASP standards
  • prevention against cross-site scripting (XSS), i.e. against website attacks abusing security vulnerabilities in scripts (especially non-validated inputs)
  • the use of prepared statements as a prevention against injection vulnerabilities
  • regular and proactive checks of individual application components with known vulnerabilities

We will gladly answer your questions, give you advice, or explain everything. If you have any questions regarding the app data security, simply contact us at [email protected].