Some of our developers have been working for the cyber forces in the IDF intelligence. We know security, and every piece of code was written with security in mind. We will also cooperate with a large blockchain security audit company (soon to be announced) to ensure safety.
The measures we take to remain safe include, amongst others:
- Using Amazon KMS for managing a secret private encryption key, which even we don’t know. It is used for encrypting the DB password and contains the secret key with which we scramble cookies and other sensitive information.
- Our DB is disconnected from the outside world, inside an AWS VPC network, and cannot be accessed by anyone outside the network, including ourselves.
- The servers we use to process web requests are hidden behind CloudFront and ELB, and are inaccessible by any means. Their inbound internet connection is open only to AWS services, and they have SSH login disabled.
- User passwords are strongly salted and hashed, based on a secret key that is (as aforementioned) encrypted with a private key held by Amazon and unknown to us. That same key is used to encrypt the salted and hashed passwords, thus making sure that even the password hashes won’t be leaked if someone manages to gain access to our DB. Also, other sensitive data such as DOB and phone numbers are encrypted. Encryption is based on temporary keys derived from the master key and invalidated every max. 12 hours.
- Our master production key, which is held by Amazon, is managed only by me, and only I have permission to allow or disallow AWS entities (including team members) to use it for encryption/decryption.
- Our administration services sit behind an OAuth2 proxy, connected to the company’s corporate email. That means that only someone with a “@coolcousin.com” login and password can access our admin interface. The corporate email enforces 2FA and strong passwords, and the login is periodically invalidated so as to not keep accounts logged in forever.
- Our personal AWS access credentials are regularly invalidated and rotated to prevent harm in the case where one of the workers’ personal laptops or phones is stolen by nefarious agents.
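
The password-storage item above describes a salted hash that also depends on a secret key kept outside the database. The sketch below is an added illustration of that keyed-hash step only, not the company's own code: the PBKDF2/HMAC construction, the work factor, the record layout and the random `pepper` standing in for the KMS-protected key are all assumptions, and the additional encryption of the stored hashes is not shown.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumed work factor, not stated on the page


def _keyed_digest(password: str, salt: bytes, pepper: bytes, iterations: int) -> bytes:
    # Slow salted hash first, then bind the result to the secret key (pepper).
    stretched = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return hmac.new(pepper, stretched, hashlib.sha256).digest()


def hash_password(password: str, pepper: bytes) -> dict:
    """Return the record that would be stored in the DB row (hypothetical layout)."""
    salt = os.urandom(16)  # unique per user, stored next to the digest
    digest = _keyed_digest(password, salt, pepper, PBKDF2_ITERATIONS)
    return {"salt": salt.hex(), "iterations": PBKDF2_ITERATIONS, "digest": digest.hex()}


def verify_password(password: str, record: dict, pepper: bytes) -> bool:
    """Recompute the keyed digest and compare in constant time."""
    candidate = _keyed_digest(
        password, bytes.fromhex(record["salt"]), pepper, record["iterations"]
    )
    return hmac.compare_digest(candidate, bytes.fromhex(record["digest"]))


if __name__ == "__main__":
    pepper = os.urandom(32)  # constructed stand-in for the KMS-protected key
    row = hash_password("correct horse battery staple", pepper)
    # With the right key the password verifies.
    print(verify_password("correct horse battery staple", row, pepper))
    # A copy of the DB row without the key cannot confirm even the correct password.
    print(verify_password("correct horse battery staple", row, os.urandom(32)))
```

Because the digest depends on a key that never sits in the database, a leaked row on its own gives nothing to test password guesses against.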