Event Hub is an extremely modern stack with a minimal attack surface.
Event Hub leverages state-of-the-art cloud technology, running fully serverless and utilizing the Graph API.
Image Scanning
There is one system image remaining in the EH stack: a non-significant service that will be sunsetted on March 23. Event Hub will then be fully serverless.
Activity Monitoring
Event Hub uses the following tools to monitor security controls:
AWS CloudWatch
AWS GuardDuty
AWS Security Hub
AWS Inspector
AWS IAM
Intruder.io
Control Benchmarks
We follow the AWS Foundational Security Best Practices standards.
These standards go above and beyond the traditional CIS Benchmarks by providing recommendations for each individual AWS service. The recommendations are curated directly by the security experts at AWS specifically for their environment.
Disaster recovery
Data is backed up hourly and daily.
Point-in-time recovery is activated, as is replication of the DB across 2 Sydney data warehouses and a replicated DB for BI reporting.
There is a dedicated Slack channel for disaster recovery with fully documented process controls attached.
Support SLA
For enterprise-class users, our SLA is a 99.9% uptime guarantee + 1hr response for BAU business recovery. This will involve point-in-time recovery of the database data.
Database Access
Only 2 employees (COO/CTO) have access to the Production database, and this is controlled by single, static IPs. Changes to these IPs are alerted to our Security Slack channel by AWS GuardDuty.
Full VPN-only access was enabled 27/03. Users with VPN config can only access private EH networks. Config files define access parameters.
All developers access a staging database where data is fed downstream, and all email addresses and mobile phone numbers (if captured) are sanitised on the staging stack.
Data Encryption
Data is encrypted at rest and in transit.
On-Time key rotation is managed by AWS Security Hub.
Encryption starts the second you visit any of Event Hub's services through your web browser: we use the Transport Layer Security (TLS) v1.2 standard for all web apps for unparalleled speed and security.
Any information you enter is transmitted in an encrypted format to all of our backend services.
Any data saved into our platform is stored and encrypted using the strong AES-256 standard at rest.
Penetration tests and vulnerability scans
Event Hub conducts regular vulnerability scans using Intruder.io.
This service provides ongoing attack surface monitoring to our infrastructure team.
Any events discovered are remediated as quickly as possible.
An independent security consultant conducts regular penetration tests of our environment to ensure there are no security holes.
Web Application Firewall
As of June 23, WAF was deployed.
WAF is a web application firewall; it prevents most layer 4-7 attacks on the infrastructure, such as SQL injection, denial of service, XSRF, and a lot of known exploits. It covers the OWASP Top 10 to prevent our application from being hacked.
User Roles and Permissions
Application owner + admin + ticket owner + requestors
Only the application owner (1 role) can export all contact data.
All other roles are limited to per-event exports, limiting the risk of contact leakage.
All admin users of the application must use MFA.
All services used by the EH team must use MFA.
Breaches of this are alerted by AWS GuardDuty to the COO and CTO via SNS push to a Slack channel.
Single Sign On (Azure AD)
SSO planned for 07-23 as part of a new customer contract.
SSO is now available for O365, OneLogin and Google Workspace.
Code Management
All new code commits are managed in GitHub and all go through code review by the team lead.
This is followed by QA on our dev stack.
Once released to production, a new-feature “smoke test” is performed.
All workflow steps are managed by our Jira board with single individual accountability.
Data management/Expiry
PII data is stored in one table and consists of first name, last name, email and company title (mobile phone at the tenant's option).
We do not store address data.
Data is split by tenant by company UUID.
Hard data deletion (by our team) is performed a maximum of 48 hours after a direct customer request.
Hard data deletion (by our team) is performed within 60 days after the expiry of service triggered by non-use. We note that 2 warning emails will be sent to the application owner prior to the deletion.
Immediate self-service deletion of all tenant data is planned for Q4 23.
Other PII Data Repositories
Our BI stack consumes minimal PII data. Where PII is included, the fields are only accessible to the BI owner.
The only files loaded to Event Hub are CSV guest lists and CSS content images (JPEG and PDF).
CSV lists are stripped by a Lambda function and injected into our DB.
CSV file loads are cleaned and removed every 7 days.
Files are stored in AWS S3 providing 99.99999999999% uptime and durability (eleven nines). That is effectively zero downtime per year.
Breach Communication
Event Hub privacy commits that if any breach is found, the application owner for all tenants will be advised within 3 hours.
No breach has occurred to date.