Page Comparison

...

Expand

title	Does your organisation secure and encrypt all data transfers using an appropriate control/protocol (for example, SFTP, HTTPS), and are all data transfers subject to review and authorisation?

Does your organisation secure and encrypt all data transfers using an appropriate control/protocol (for example, SFTP, HTTPS), and are all data transfers subject to review and authorisation?

Yes.

Within Commonplace: Data in transit within the Commonplace environment is all within a Virtual Private Cloud (VPC).

APIs: Data in transit between Commonplace services and External APIs is protected using HTTPS at a minimum of TLS v1.2.

More information: https://commonplace.atlassian.net/l/cp/sgAi9fua

Expand

title	Does your organisation have any controls implemented to protect it against Denial of Service (and Distributed Denial of Service) attacks?Does your organisation have any controls implemented to protect it against Denial of Service (and Distributed Denial of Service DDOS) attacks?

Does your organisation have any controls implemented to protect it against Denial of Service (and Distributed Denial of Service) attacks?Does your organisation have any controls implemented to protect it against Denial of Service (and Distributed Denial of Service DDOS) attacks?

Yes, we use AWS Route53 inbuilt DDOS mitigation and protection tools in combination with AWS WAF.

...

Version	Old Version 17	New Version 18
Changes made by	Roxy Sanchez	Roxy Sanchez
Saved on	Dec 09, 2022	Dec 09, 2022

Versions Compared

Key