Educoin Information Security Policy


Preventive

Detective

Corrective

Physical

- Outsourcing secure servers from AWS

- Password-protected work computers

- Lack of a centralized location of business operations that could be exploited


- Data loss detection handled by AWS

- Vulnerability improvements handled by AWS

Logical

- Password/2-factor authentication, password-protected backend, protected API keys

- User passwords require a letter, a number, and a special character

- Data is encrypted at the application level

- Encrypted data is passed on to AWS, which handles encryption of stored data

- Version control to halt the deployment of faulty code

- Logging of transactions and account creation

- Security review for new features/systems

- Functions dedicated to security application and testing

- Daily product testing


- Version rollback

- Agile-style development for quick solution implementation


Administrative

- A documented and approved security policy

- Distributing work on important tasks among several employees, even if it could be completed by just one

- Access control

- Employee security education


- Forbidding work on shared computers


- Bug and issue reports from customers through Discord and Freshdesk

- Security training

- Security incident response plan designed to minimize damage

- Security training