Screenfluence is hosted on Amazon Web Services. AWS is a world-class hosting provider with SAS70 Type II compliance.
- Screenfluence stores all media on AWS S3. S3 has 99.99% availability, and a durability of 99.999999999%. Stated in another way, if you upload 10,000,000 objects, you can expect to incur a loss of one object once every 10,000 years.
- Screenfluence employs only HTTPS connections, where all data is encrypted end-to-end. All connections use TLS 1.2, ECDHE_RSA with P-256, and AES_128 GCM. All resources are served securely.
- Screenfluence provides both 2FA and SSO. This helps protect users from malicious login attempts. SSO also helps protect from administrative oversights that can occur during offboarding.
- Cookies are required to use the screenfluence service.
Screenfluence engineering and design decisions are driven by OWASP Top 10.
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access Control
- Security Misconfiguration
- Coss-Site Scripting XSS
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Insufficient Logging & Monitoring
Screenfluence employs extensive background checks on all employees including support staff and engineers. Access to data is carefully monitored.