8. Hosting Architecture and Data Segregation
8.1 Amazon Web Services. The Genius Referrals Services are hosted on Amazon Web Services ("AWS") in the United States of America and protected by the security and environmental controls of Amazon. The production environment within AWS where the Genius Referrals Services and Customer Data are hosted is logically isolated in a Virtual Private Cloud (VPC). Customer Data stored within AWS is encrypted at all times. AWS does not have access to unencrypted Customer Data. More information about AWS security is available at https://aws.amazon.com/security/ and https://aws.amazon.com/compliance/shared-responsibility-model/. For AWS SOC Reports, please see https://aws.amazon.com/compliance/soc-faqs/.
8.2 Services. For the Services, all network access between production hosts is restricted: access control lists allow only authorized services to interact on the production network. Access control lists also manage network segregation between different security zones in the production and corporate environments, and are reviewed regularly. Genius Referrals separates Customer Data using logical identifiers: each Customer Data record is tagged with the unique identifier of the customer that owns it. The Genius Referrals APIs are designed and built to identify Customer Data by these customer-specific tags and to allow access only to and from Customer Data carrying the tag of the authorized customer. These controls prevent one customer from accessing another customer's Customer Data.
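The tenant scoping described in 8.2, shown as an added example (illustrative code, not Genius Referrals' implementation): the customer identifier on every record is compared with the identifier of the authenticated caller inside the data-access layer, so a request for a record ID that exists but belongs to another customer is answered exactly as if the record did not exist, and the attempt is recorded for alerting. The in-memory store, the Principal shape, the record layout and all identifiers are assumptions made for the example.

```python
"""Tenant-scoped data access: every read and write is keyed by the
authenticated customer's identifier, so a record that belongs to another
customer is unreachable even when its record ID is known or guessed.

Added illustration only. The in-memory store, the Principal/record shapes
and the customer identifiers are assumptions, not Genius Referrals' code."""
from dataclasses import dataclass, field


class RecordNotFound(LookupError):
    """Raised for missing records and for records owned by another customer
    alike, so a caller cannot tell which IDs exist outside its own tenant."""


@dataclass(frozen=True)
class Principal:
    """The authenticated caller. customer_id comes from the verified session
    or API key, never from request parameters the caller controls."""
    user_id: str
    customer_id: str


@dataclass
class ReferralStore:
    """Stand-in for the database. Every row carries the owning customer's tag
    and every access path applies the tenant filter inside the store."""
    _rows: dict = field(default_factory=dict)   # record_id -> row dict
    audit: list = field(default_factory=list)   # cross-tenant attempts, for alerting

    def insert(self, principal: Principal, record_id: str, payload: dict) -> None:
        # The tag is taken from the principal, so a request body cannot write
        # a record into another customer's partition.
        self._rows[record_id] = {"customer_id": principal.customer_id, **payload}

    def get(self, principal: Principal, record_id: str) -> dict:
        row = self._rows.get(record_id)
        if row is not None and row["customer_id"] != principal.customer_id:
            # Known ID, wrong tenant: log it as a high-risk event, then answer
            # exactly as for a record that does not exist.
            self.audit.append((principal.user_id, principal.customer_id, record_id))
            row = None
        if row is None:
            raise RecordNotFound(f"record {record_id!r} not found")
        return row

    def list_for(self, principal: Principal) -> list:
        # The tenant filter lives in the store, not in each caller.
        return [r for r in self._rows.values()
                if r["customer_id"] == principal.customer_id]


def demo() -> dict:
    """Constructed scenario: two customers, one record each, and one read of a
    record ID that exists but belongs to the other customer."""
    store = ReferralStore()
    acme = Principal(user_id="u-1", customer_id="cust-acme")
    globex = Principal(user_id="u-2", customer_id="cust-globex")
    store.insert(acme, "ref-1001", {"referrer": "alice@example.com"})
    store.insert(globex, "ref-2001", {"referrer": "bob@example.com"})

    own = store.get(acme, "ref-1001")["referrer"]
    try:
        store.get(globex, "ref-1001")        # Globex user asks for Acme's record
        cross_tenant_read_allowed = True
    except RecordNotFound:
        cross_tenant_read_allowed = False

    return {
        "own": own,
        "cross_tenant_read_allowed": cross_tenant_read_allowed,
        "acme_visible": len(store.list_for(acme)),
        "audit_events": len(store.audit),
    }


if __name__ == "__main__":
    print(demo())
```

The point of the design is that the tenant check cannot be forgotten by an individual API handler: the customer tag is stamped from the authenticated principal on write and enforced in the store on every read, and a cross-tenant probe produces the same response as a non-existent record while still leaving an audit event.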
9. Physical Security. AWS data centers are strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication (2FA) a minimum of two (2) times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff. These facilities are designed to withstand adverse weather and other reasonably predictable natural conditions. Each data center has redundant electrical power systems that are available twenty-four (24) hours a day, seven (7) days a week. Uninterruptible power supplies and on-site generators are available to provide back-up power in the event of an electrical failure. In addition, Genius Referrals headquarters and office spaces have a physical security program that manages visitors, building entrances, closed circuit televisions, and overall office security.
10. Security by Design. Genius Referrals follows security by design principles when it designs the Services. Genius Referrals also applies the Genius Referrals Secure Software Development Lifecycle (Secure SDLC) standard to perform numerous security-related activities for the Services across different phases of the product creation lifecycle from requirements gathering and product design all the way through product deployment. These activities include, but are not limited to, the performance of (a) internal security reviews before deploying new Services or code; (b) penetration tests of new Services by independent third parties; and (c) threat models for new Services to detect potential security threats and vulnerabilities.
11. Access Controls
11.1 Provisioning Access. To minimize the risk of data exposure, Genius Referrals follows the principle of least privilege through a team-based access-control model when provisioning system access. Genius Referrals personnel are authorized to access Customer Data based on their job function, role, and responsibilities, and such access requires approval. Access rights to production environments that are not time-limited are reviewed at least semi-annually. An employee's access to Customer Data is promptly removed upon termination of employment. To access the production environment, an authorized user must have a unique username and password and multi-factor authentication enabled. Before an engineer is granted access to the production environment, the access must be approved by management and the engineer must complete internal training for that access, including training on the relevant team's systems. Genius Referrals logs high-risk actions and changes in the production environment, and uses automation to identify any deviation from internal technical standards that could indicate anomalous or unauthorized activity, raising an alert within minutes of a configuration change.
11.2 Password Controls. Genius Referrals' current policy for employee password management follows NIST SP 800-63B guidance: longer passwords combined with multi-factor authentication, with no required special characters and no forced periodic changes. Passwords for customer user accounts are hashed before they are stored. A customer may also require its users to enable two-factor authentication (2FA) as an additional layer of security on their accounts.
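An added example of a password verifier that applies the NIST SP 800-63B rules named in 11.2 (illustrative code, not Genius Referrals' own): length is the only composition requirement, candidates are screened against a blocklist, no periodic change is enforced, and stored credentials are salted scrypt hashes compared in constant time. The length bounds, the blocklist contents and the scrypt cost parameters are assumed values.

```python
"""Memorized-secret handling following NIST SP 800-63B: length is the only
composition requirement, candidates are screened against a blocklist of
known-weak values, no periodic change is forced, and the stored verifier is
a salted memory-hard hash compared in constant time.

Added illustration only. The length limits, the blocklist and the scrypt
cost are assumed values, not Genius Referrals' configuration."""
import hashlib
import hmac
import os
import unicodedata

MIN_LENGTH = 8        # 800-63B minimum for user-chosen secrets
MAX_LENGTH = 64       # 800-63B: verifiers SHOULD permit at least 64 characters
# Constructed blocklist; a real one is built from breach corpora, dictionary
# words and context-specific strings such as the service or user name.
BLOCKLIST = {"password", "12345678", "qwertyuiop", "geniusreferrals"}
# Assumed work factor (about 16 MiB, tens of milliseconds); tune to the server.
SCRYPT_PARAMS = {"n": 2 ** 14, "r": 8, "p": 1}


def normalize(secret: str) -> str:
    # Unicode NFKC so the same secret typed on different keyboards hashes
    # identically (800-63B 5.1.1.2).
    return unicodedata.normalize("NFKC", secret)


def check_policy(secret: str) -> list:
    """Return the list of violations; an empty list means the secret is
    acceptable. Deliberately no digit/special-character rules and no expiry."""
    s = normalize(secret)
    problems = []
    if len(s) < MIN_LENGTH:
        problems.append("too short")
    if len(s) > MAX_LENGTH:
        problems.append("too long")
    if s.lower() in BLOCKLIST:
        problems.append("commonly used or compromised")
    return problems


def hash_secret(secret: str, salt: bytes = None) -> str:
    """Return a self-describing verifier: scrypt$n$r$p$<salt hex>$<hash hex>.
    The plaintext is never stored; a fresh random salt is drawn per secret."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.scrypt(normalize(secret).encode("utf-8"), salt=salt,
                            dklen=32, **SCRYPT_PARAMS)
    return "scrypt${n}${r}${p}${salt}${hash}".format(
        salt=salt.hex(), hash=digest.hex(), **SCRYPT_PARAMS)


def verify_secret(secret: str, stored: str) -> bool:
    """Recompute with the parameters stored beside the hash and compare in
    constant time; any malformed record is treated as a failed login."""
    try:
        algo, n, r, p, salt_hex, hash_hex = stored.split("$")
        if algo != "scrypt":
            return False
        digest = hashlib.scrypt(normalize(secret).encode("utf-8"),
                                salt=bytes.fromhex(salt_hex),
                                n=int(n), r=int(r), p=int(p), dklen=32)
        return hmac.compare_digest(digest, bytes.fromhex(hash_hex))
    except ValueError:
        return False


if __name__ == "__main__":
    candidate = "correct horse battery staple"
    print(check_policy("password"), check_policy(candidate))
    record = hash_secret(candidate)
    print(record, verify_secret(candidate, record))
```

Storing the cost parameters inside the verifier string is what lets the work factor be raised later without invalidating existing records: old hashes keep verifying with their recorded parameters and are re-hashed at the next successful login.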
12. Change Management. Genius Referrals has a formal change management process it follows to administer changes to the production environment for the Services, including any changes to its underlying software, applications, and systems. Each change is carefully reviewed and evaluated in a test environment before being deployed into the production environment for the Services. All changes, including the evaluation of the changes in a test environment, are documented using a formal, auditable system of record. A rigorous assessment is carried out for all high-risk changes to evaluate their impact on the overall security of the Services. Deployment approval for high-risk changes is required from the correct organizational stakeholders. Plans and procedures are also implemented in the event a deployed change needs to be rolled back to preserve the security of the Services.
13. Encryption. For the Genius Referrals Services, (a) the databases that store Customer Data are encrypted using the Advanced Encryption Standard and (b) Customer Data is encrypted when in transit between Customer's software application and the Services using TLS v1.2.
14. Vulnerability Management. Genius Referrals maintains controls and policies to mitigate the risk of security vulnerabilities within a measurable time frame that balances risk against business and operational requirements. Genius Referrals uses a third-party tool to conduct regular vulnerability scans of Genius Referrals' cloud infrastructure and corporate systems. Critical software patches are evaluated, tested, and applied proactively. Operating system patches are applied by regenerating the base Docker image and deploying it to all nodes in the Genius Referrals Services cluster on a predefined schedule. For high-risk patches, Genius Referrals deploys directly to existing nodes using internally developed orchestration tools.
15. Penetration Testing. Genius Referrals performs penetration tests and engages independent third-party entities to conduct application-level penetration tests. Security threats and vulnerabilities that are detected are prioritized, triaged, and remediated promptly.
16. Security Incident Management. Genius Referrals maintains security incident management policies and procedures in accordance with NIST SP 800-61. Genius Referrals' Security Incident Response Team (GR-SIRT) assesses all relevant security threats and vulnerabilities and establishes appropriate remediation and mitigation actions. Genius Referrals retains security logs for one hundred and eighty (180) days. Access to these security logs is limited to GR-SIRT. Genius Referrals utilizes third-party tools to detect, mitigate, and prevent Distributed Denial of Service (DDoS) attacks.
17. Discovery, Investigation, and Notification of a Security Incident. Genius Referrals will promptly investigate a Security Incident upon discovery. To the extent permitted by applicable law, Genius Referrals will notify Customer of a Security Incident in accordance with the Data Protection Addendum. Security Incident notifications will be provided to Customer via email to the email address designated by Customer in its account.
18. Resilience and Service Continuity
18.1 Resilience. The hosting infrastructure for the Genius Referrals Services (a) spans multiple fault-independent availability zones in geographic regions physically separated from one another and (b) is able to detect and route around issues experienced by hosts or even whole data centers in real time, and employs orchestration tooling that can regenerate hosts, building them from the latest backup.
18.2 Service Continuity. Genius Referrals also leverages specialized tools available within the hosting infrastructure for the Services to monitor server performance, data, and traffic load capacity within each availability zone. If suboptimal server performance or overloaded capacity is detected on a server within an availability zone, these specialized tools increase the capacity or shift traffic to relieve any suboptimal server performance or capacity overload. Genius Referrals is also immediately notified in the event of any suboptimal server performance or overloaded capacity.
19. Customer Data Backups. Genius Referrals performs regular backups of Customer Data, which is hosted on AWS's data center infrastructure. Customer Data that is backed up is retained redundantly across multiple availability zones and encrypted in transit and at rest using the Advanced Encryption Standard.