EquiTrack Security

How we process data at EquiTrack

Data Storage

Our application employs MongoDB databases hosted in European AWS regions to ensure data sovereignty and GDPR compliance, with all data encrypted at rest using industry-standard protocols. The web infrastructure is hosted on Vercel’s enterprise-grade platform, featuring built-in DDoS protection and global edge security, while content management is facilitated through Storyblok’s secure infrastructure located in Frankfurt, Germany.

Backup and Restore 

Our backup strategy includes automated daily backups for all database systems, point-in-time recovery capabilities supported by our AWS infrastructure, multi-region redundancy for critical systems, and a 30-day retention period for all backups, ensuring robust data protection and disaster recovery.

Access Control

Our access control measures include an OAuth 2.0 compliant JWT authentication system, role-based access control (RBAC) for granular permission management, secure API endpoints protected with TLS 1.2+ encryption, and the implementation of a zero-trust security model to ensure robust protection of sensitive resources.

Security Monitoring 

While direct security monitoring is out of scope for our software delivery, our infrastructure providers offer: 

  • DDoS protection through Vercel’s global edge network
  • AWS CloudWatch monitoring for backend services
  • Automated vulnerability scanning through our hosting providers
  • Real-time threat detection and response

Vulnerability Assessment

Our vulnerability assessment strategy involves regular code reviews, adherence to security best practices, and proactive dependency scanning and updates. We leverage the continuous security assessments provided by our partners, including Vercel’s enterprise-grade security scanning, AWS’s comprehensive suite of security tools, and Storyblok’s ongoing security testing through Detectify, ensuring a robust and resilient security posture.

Employees (Forward Digital)

  • All our developers follow security-first development practices
  • Regular security training and updates
  • Strict access control policies for client data
  • CyberEssentials certified team members

Certifications 

Forward Digital: 

  • CyberEssentials certified
  • Compliant with UK government standards

Our infrastructure providers maintain: 

  • ISO 27001 certification (AWS, Vercel)
  • SOC 2 Type 2 compliance
  • GDPR compliance
  • Various other security certifications including PCI DSS

Additional GDPR Considerations

  1. All our service providers (AWS, Vercel, Storyblok) are GDPR compliant 
  2. Data processing agreements (DPAs) are in place with all providers 
  3. All data remains within the EU/UK 
  4. We maintain detailed data processing records as required by GDPR