Security and Performance
Aggregion architecture is designed with business continuity in mind, with product transactional and master data spread horizontally over multiple global data centers. This allows you to control where your data is stored in order to decrease operational cost and comply with regional regulatory requirements. Integrated support of Microsoft Azure and Amazon S3 technologies allows to store any data volume, providing 99.999999999% data protection as well as nearly unlimited scalability capabilities.
To gauge performance, Aggregion has developed multiple scenarios of platform usages by categories of business users and customers: copyright holders, distributors, resellers, and end-users. These scenarios were stress tested with support from Intel technologies, successfully simulating the usage of the platform by 123 million users per day without a loss in performance, showing the system is able to scale horizontally.
Trusted by Industry Leaders
Aggregion has gone through the due diligence and vetting from IT security departments in such companies as Disney, Microsoft, Pearson, and others. Also, Aggregion has been integrated with major services provided Intel, Google, Microsoft and others, allowing for data protection on an industrial level.
Approach to Security
- Access to the platform is provided through a web-based interface and the technology excludes the possibility of traditional attacks such as XSS, SQL injections, and others.
- Every change in the system code undergoes multi-level review by the developers as well as security specialists.
- Automated testing is used for all system functions to ensure compliance with security requirements as well as business logic.
- All events in the platform are logged, providing full visibility of API calls and alerting when certain events take place or limits are exceeded.
- Modern security measures are used to protect against DoS attacks and fraud.
- AWS storage solutions are used for data backup and recovery
- Network firewalls built into Amazon VPC, and web application firewall capabilities in AWS WAF allows to create private networks, and control access to instances of Aggregion platform
- Aggregion holds an ISO 27001:2013 compliance certificate
- All inbound and outbound platform traffic is encrypted
- Data is never stored openly on unsecured resources
- Every device - from servers to user tablets - may access data only with a special key which is passed along with encrypted data into protected execution environment - a virtual machine which is generated individually for each device.
- Data which is transferred to the user's device cannot be executed on other devices.