Access control and organizational security
All of our employees and contractors sign confidentiality agreements before gaining access to our systems, software, data, and code. Each person at FirstIgnite is trained and made aware of security concerns around access and best practices for our systems.
Regular reviews and testing
Our software infrastructure is updated regularly with the latest security patches. We employ manual and automated testing throughout our development pipeline to be cognisant of potential vulnerabilities before any updates are deployed to production.
Our backend engineering team is responsible for security, infrastructure, and performance and is in charge of access/identity management, and log file management. Their responsibilities include:
- Reviewing all changes to the code and infrastructure to ensure they follow best practices and security guidelines (such as OWASP)
- Building and operating FirstIgnite’s infrastructure, including logs, monitoring, and authentication
- Reviewing, testing, and designing incident response processes
- Responding to alerts triggered by any security events
- Monitoring and alerting on anomalous activity
- Coordinating vulnerability testing with external security researchers