Sitemate Network and Application Security

Sitemate runs on AWS's global cloud infrastructure.

Sitemate utilizes Platform as a Service (PaaS) services, due to their enhanced security and safety.

The system utilises a multi-tenant architecture.

Geographic Data Residency Controls and control over where your data is hosted and stored is available on the Enterprise Pricing Plan which can be seen here.

Data is processed & stored in PaaS database services, with live fail-over replicas. For example, the form database service has one write & 2 read nodes.

Snapshot backups are taken daily (stored for 7 days) & weekly (stored for 4 weeks).

Photos & videos are stored within Amazon S3 and stored across at least three devices in a single AWS Region.

Failover & backups are tested as per Sitemate DR/BCP policies.

AWS Config is used to monitor compliance and configuration across all Sitemate Services, enabling assessing, auditing, and evaluating configuration of all Sitemate resources.

All data is encrypted at rest (AES256-CBC) & in transit (TLS 1.2+).

NIST CSF provides a broad, risk-based approach for organizations to manage cybersecurity risks. It provides a structured and comprehensive approach to managing cybersecurity risks and enhancing the company's resilience against potential threats.

NIST Cybersecurity Framework helps Sitemate stay proactive and prepared for evolving cyber threats, safeguarding customer data.