Infrastructure
Screenfluence is hosted on Amazon Web Services. AWS is a world-class hosting provider with SAS70 Type II compliance.
Database
- We use cookies to determine the browser the visitor uses so the site can be designed to work properly with the most common versions of different browsers.
- We use cookies to estimate our audience size. Your browser is given a unique cookie that helps us determine whether yours is a repeat visit or a first visit.
Media
- Screenfluence stores all media on AWS S3. S3 has 99.99% availability, and a durability of 99.999999999%. Stated in another way, if you upload 10,000,000 objects, you can expect to incur a loss of one object once every 10,000 years.
Connections
- Screenfluence employs only HTTPS connections, where all data is encrypted end-to-end. All connections use TLS 1.2, ECDHE_RSA with P-256, and AES_128 GCM. All resources are served securely.
Enterprise
- Screenfluence provides both 2FA and SSO. This helps protect users from malicious login attempts. SSO also helps protect from administrative oversights that can occur during offboarding.
- Cookies are required to use the screenfluence service.
- We use cookies to record current session information, but do not use permanent cookies. You are required to re-login to your screenfluence account after a certain period of time has elapsed to protect you against others accidentally accessing your account contents.
OWASP
Screenfluence engineering and design decisions are driven by OWASP Top 10.
This includes:
-
- Injection
- Broken Authentication
- Sensitive Data Exposure
- XML External Entities (XXE)
- Broken Access Control
- Security Misconfiguration
- Coss-Site Scripting XSS
- Insecure Deserialization
- Using Components with Known Vulnerabilities
- Insufficient Logging & Monitoring
Employee Screening
Screenfluence employs extensive background checks on all employees including support staff and engineers. Access to data is carefully monitored.