All communication with the platform is encrypted in order to prevent man-in-the-middle attacks and eavesdropping that could potentially expose sensitive data to attackers or other unauthorized users. Encryption mechanisms are put in place to protect sensitive data that is stored on the platform.
Network security of the platform is ensured by following the network zoning principles that segment the platform networks in a way where the already hardened servers holding the most sensitive data are separated from those with less sensitive data.
Physical security measures
In order to address unauthorized physical access to platform components and cold storages, different physical security measures are put in place. Physical access to servers is secured by the confidentiality of physical location of servers. The location has an access control system, security guards, and other security mechanisms. Hardware wallets distributed in safe deposit boxes are used for cold storage.
DDoS protection system and Web Application firewall
DDoS protection system and Web Application firewall are protecting the internet-exposed part of the platform from DDoS attacks and attacks on potential application vulnerabilities (e.g. SQL injections, file injections, XSS, etc.).
The platform is being monitored 24/7 in order to respond to potential anomalies and/or failures.