Security and data protection

We care and we protect your data by keeping it safe and private.

If you have any specific questions regarding security at PipeOne, please send us a message to help@pipeone.me.

DATA CENTER

We run on Amazon Web Services (AWS) in their fully certified data centers and we apply security controls and system checks to keep your data safe.

PipeOne uses AWS data centers in the United States and in the European Union (service data may be stored in any region).

On Amazon we also use S3 technology (Simple Storage Services) that offers industry leading durability, availability, performance, security, and virtually unlimited scalability.

S3 ensures that our platform works independently of the application server (where the source code is), so if for some reason the application server fails, none of the files are lost and the service continues to run smoothly by other applications.

In addition to that, all your files are only accessed via the exact link, and to ensure greater security, we use hashing in place of the original filename (one-way function where a unique message digest is generated from an input file or a string of text).

As an example, a file that you may upload on our platform (or it’s received from your customer) like “photo-of-your-customer-ID.png” is renamed into a long random characters to hide and secure the file as “56a41762-74eb-4a61-a118-9072c4654.png”.

For our Amazon S3 service, we use AWS data center in the United States (US East -Ohio).

ENCRYPTION

Your communications with PipeOne servers are encrypted using industry standard HTTPS, the same protocol used by almost all e-commerce web sites and you can only access PipeOne via HTTPS using Secure Socket Layer (SSL).

All data and associated keys stored in our databases are encrypted using the industry standard AES-256 encryption algorithm.

AWS supports Transparent Data Encryption (TDE). With TDE, the database server automatically encrypts data before it is written to storage and automatically decrypts data when it is read from storage.

Transparent Data Encryption is integrated with AWS CloudHSM, which allows us to securely generate, store, and manage your cryptographic keys in single-tenant Hardware Security Module (HSM) appliances within the AWS cloud.

You can check our SSL status report and our overall rating HERE.

MONITORING

We constantly monitor our infrastructure, platform environments and web applications to detect potential security incidents in real time.

Our tech team quickly responds to security alerts. If web vulnerabilities are found, we fix it and test to confirm successful remediation.

ACCESS CONTROL

You can manage users' permissions and activate the 2FA option for your users as well or use the social connect (via Facebook or Google) to increase your account access security. Multi-factor authentication is enforced for all PipeOne employees.

DDoS, NETWORK ISOLATION AND DATABASE FIREWALL

PipeOne has a multi-layer approach to DDoS mitigation with AWS services, that provide us a deeper protection against DDoS attacks.

Our platform external endpoints are protected by an AWS Web Application Firewall (WAF), which protects the platform from common web exploits that could affect availability and security.

With AWS WAF, PipeOne has control over how traffic reaches our application based on security rules that control bot traffic and block common attack patterns, such as SQL injection or cross-site scripting.