Red Arc Security Attestation

At Red Arc we take the security of our systems and protecting your organization’s data very seriously. 

The objective of our Information Security Program is to maintain the confidentiality, integrity and availability of our systems. The program includes technical and organizational security and physical measures as well as policies and procedures to protect your organisation’s data against accidental loss; destruction or alteration; unauthorized disclosure or access.

General Provisions

  • Our applications are entirely developed and hosted using Amazon Web Services (AWS) serverless architecture.

    The AWS infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. It is designed to provide an extremely scalable, highly reliable platform that enables customers to deploy applications and data quickly and securely.

    This infrastructure is built and managed not only according to security best practices and standards, but also with the unique needs of the cloud in mind. AWS uses redundant and layered controls, continuous validation and testing, and a substantial amount of automation to ensure that the underlying infrastructure is monitored and protected 24×7. AWS ensures that these controls are replicated in every new data centre or service.

    This means we benefit from a data centre and network architecture built to satisfy the requirements of the most security-sensitive of Amazon’s customers. Meaning you, as a Red Arc customer, get a resilient infrastructure, designed for high security.
  • Policies
    • We maintain an information security policy covering personnel, devices and procedures.
    • We maintain a Malware policy for staff devices.
    • We maintain security Incident Response policy.
    • All policies are reviewed annually by the Security Officer

Access Control

  • Access to our development systems is limited via controlled user privileges for AWS. Privileged access is only granted to the development team on a needs basis and is protected by two-factor authentication via AWS’s two-factor protocol. 

Data

  • Customer data is encrypted in transit and at rest using AWS features. Our data stores are DynamoDB and AWS RDS.
  • Data is stored in the AWS Asia Pacific (Sydney) Region.

Availability

  • Reliability is one of the 6 pillars of the AWS well-architected framework. This means reliability is built-in to our infrastructure
  • All of our data stores are backed up using automated AWS features, meaning your data is not only secure but resilient.
  • All patching and vulnerability updates of infrastructure are managed automatically in our AWS environment

Privacy

  • Our Privacy Policy can be found here
  • Our Data Processing Agreement for GDPR can be found here

Contact

  • Our security officer can be reached at [email protected] for any security issues or questions related to our products.