At Userlens, we prioritize customer data security and privacy in all decision-making processes.
We use AWS Managed services in a private VPC network with strict traffic control and "Zero Trust" principles. Access relies on AWS IAM, requiring user identification and role-based permissions for system access.
Our databases use AES-256 encryption-at-rest with keys managed by AWS. Data keys are encrypted with a secure keystore, regularly updated. We enforce HTTPS for all services and utilize SSL SHA-256 ECDSA Certificates with TLS 1.3 for encryption-in-transit.
Before hiring, we conduct security background checks. Our onboarding emphasizes security, with mandatory training for new hires. We enforce encryption, password manager use, and antivirus installation through a company-managed security solution agent.
Our databases, hosted on AWS private networks, use AWS RDS and ElastiCache. Access is granted via AWS IAM to selected applications or engineers. We ensure data recovery with weekly and point-in-time backups, following AWS best practices for High Availability and Fault Tolerance. Our constant focus is on improving our tech stack.