Covalent Security

Effective Date: March 15, 2020

World Class Security

The Covalent system runs on a cloud-based platform managed by Amazon, which is the recognized leader in cloud security. Amazon’s cloud offering provides industry-leading performance, uptime, and security, while ensuring that the Covalent system will scale to meet the needs of our customers.Partnering with the recognized leader in cloud security means that our customers’ data is protected by the collective strength of the services and technology that AWS has in place, as well as the experts AWS employs to maintain the stability and security of their cloud solutions. Amazon has demonstrated this with a number of certifications, including SOC-3, ISO-27001, and ISO-9001.

Data Encryption

All customer data is encrypted throughout the Covalent system.
At Rest:
All customer data is encrypted at rest.
In Transit: Covalent forces HTTPS for all services using TLS (SSL)

Web Application Security

Covalent enforces industry-standard development practices, including code reviews, security training, and thorough testing. The system has a modular architecture, such that key areas of the system that deal with authentication, security, and data access are isolated and protected. Any changes to these areas are thoroughly reviewed before they are brought live. Covalent also conducts periodic security audits of these key areas of the system.

Covalent designs its software to prevent many common threats, including SQL injection, session hijacking, and cross-site scripting. We subject our application to thorough penetration and vulnerability testing by trusted third parties at least annually, and we directly address any high priority vulnerabilities identified. The Covalent system has robust monitoring in place such that any abnormalities detected can be addressed quickly. Further, all activity in the system is recorded such that we can track any suspect usage. All API requests and database transactions are logged.

Physical and Network Security

AWS provides robust security measures to ensure the security of the network. From Amazon’s security whitepaper:
Network devices, including firewall and other boundary devices, are in place to monitor and control communications at the external boundary of the network and at key internal boundaries within the network. These boundary devices employ rule sets, access control lists (ACL), and configurations to enforce the flow of information to specific information system services.

Further, Amazon has advanced intrusion detection systems in place:
AWS utilizes a wide variety of automated monitoring systems to provide a high level of service performance and availability. AWS monitoring tools are designed to detect unusual or unauthorized activities and conditions at ingress and egress communication points. These tools monitor server and network usage, port scanning activities, application usage, and unauthorized intrusion attempts. The tools have the ability to set custom performance metrics thresholds for unusual activity.

For more information about Covalent Security, contact us: