Last updated: June 3, 2020
GoVyrl, Inc. is dedicated to protecting your personal and company data. We continuously invest in the security of our platform to improve the privacy, confidentiality, and availability of your data.
GoVyrl, Inc.’s application platform runs on Amazon Web Services (AWS) cloud infrastructure hosted in secure SSAE 18 audited data centers. American Institute of Certified Public Accountants (AICPA) SOC 1,2,3 compliant reports for AWS services are available at https://aws.amazon.com/compliance/soc-faqs/.
Data Center Security
AWS data centers are secure by design and based on strict control of the following key areas.
Scalability & Reliability
GoVyrl, Inc. uses Amazon Web Services to manage user data. Our databases are designed to automatically scale in capacity and performance as needed. Our data storage design achieves high availability and durability by replicating multiple copies of data across multiple Availability Zones and backing up data continuously to storage. Amazon Aurora recovers from physical storage failures, with instance failover typically taking less than 30 seconds. Additional information is available at aws.amazon.co/rds/aurora.
Network and System Security
GoVyrl, Inc. uses commercially reasonable network security framework and procedures to secure the network and system infrastructure. We apply the principle of least privilege in network segregation, application firewalls and infrastructure access control. Intrusion detection, prevention, centralized log management, monitoring and alerting are deployed across the cloud environment to detect, prevent and promptly remediate impact by malicious actors.
Data in Transit
All transmission of sensitive data is encrypted to protect against identity theft and data loss. Transport Layer Security (TLS) 1.2 or higher is required to secure transmission of all sensitive data and prohibit insecure connections.
Data at Rest
All data stored in our AWS cloud infrastructure is encrypted using 256-bit AES encryption or higher to protect against identity theft and data loss.
Security and Compliance Orchestration
GoVyrl, Inc. uses cloud security and compliance orchestration software that enables continuous assessment of system security posture. The software actively enforces security controls to protect against identity theft and data loss in the cloud.
We work with external security advisors to perform penetration testing of critical systems for independent review of system security posture and cybersecurity risks.