If you ever thought about security as one of the main pillars in terms of cloud management services, you got that one right. And as far as any fears go, about your data’s safety on our servers, we have got you the perfectly crisp digest to make sure those qualms subside away. Centilytics is dedicated to providing a secure cloud management platform where everything you want to know about your cloud can be visualized within a single pane of glass. And, here we are to show what makes our console secure.
First and foremost, we only have Read-Only Access to your data, which ensures that we would not be able to edit anything that is stored in our databases. We cannot even see what the customer runs.
Let us start with the security standards of our console itself. Centilytics console runs on the Hypertext Transfer Protocol Secure, also known as HTTPS, meant to secure the information passed on between two servers by scrambling the information given by the client in transit. This, in turn, means the information you type in on our website is rendered unusable to hackers.
Since we use BCrypt hashes to encrypt the password, passwords are incredibly resistant to the Rainbow Table attacks by hackers which makes this the ideal algorithm to protect your privacy, compared to say, the SHA-2 or MD5 algorithms.
And as is standard, there is a Session Mechanism in place to ensure that if your console is left idle for too long, our timeout system will kick in to ensure no loss of data takes place.
In AWS, API calls are basically every request that the user makes. A call from a user can be made requesting to grant access to the database through the use of his password and email address. For the console, we make use of a Custom Authorizer, wherein once a client calls the API, the Gateway checks in if there is a custom authorizer involved with that particular process. Once that is confirmed, the Lambda function is called into play, the authorization token is supplied and only then does the process execute in its entirety, thus providing multi-layered security which protects up to the highest standard possible.
Now, the question arises as to the potential threat to your overall data, as in, your user credentials, your account number, your billing information et al. To ensure no tampering is done with all your data, your data is stored and split into two databases on the basis of their criticality. For some insight, details like personal information, your credentials, the two keys (Access and Secret) would be stored in a separate database which does not contain the other interlinked information like for example, the Billing Information, safely stored in another database.
The best part? Centilytics console is accessible only by an HTTPS secure connection. All the data transferred from and to console takes place at an encryption of 256-bit RSA algorithm.
Apart from all the security we provide that has been mentioned already, Centilytics is also subject to a Non-Disclosure agreement with every one of the clients it takes on board. Cross-leveraging of data is a bygone fear once you get onboard. The prime intention is to ensure that users can edit and view your data with a certain peace of mind.