Security
We use Amazon Web Services to host all production environments. AWS is designed to help us build a secure, high-performing, resilient, and efficient infrastructure for our application. AWS data centers are secure by design and SOC 1, SOC 2, and SOC 3-certified. All our production servers are immutable, continuously patched Docker-based systems. We also utilize additional AWS services such as VPC (Virtual Private Cloud), AWS multi-account infrastructure, EKS (Elastic Kubernetes Service). To secure communication over the network, we use HTTPS protocol encrypted using TLS (Transport Layer Security).
We use Amazon Web Services to host all production environments. AWS is designed to help us build a secure, high-performing, resilient, and efficient infrastructure for our application. AWS data centers are secure by design and SOC 1, SOC 2, and SOC 3-certified. All our production servers are immutable, continuously patched Docker-based systems. We also utilize additional AWS services such as VPC (Virtual Private Cloud), AWS multi-account infrastructure, EKS (Elastic Kubernetes Service). To secure communication over the network, we use HTTPS protocol encrypted using TLS (Transport Layer Security).
We utilize AWS KMS (Key Management Service) to create and manage keys and control the use of encryption across a wide range of AWS services and our application.
We utilize AWS KMS (Key Management Service) to create and manage keys and control the use of encryption across a wide range of AWS services and our application.
Flo stores all data such as metadata, activity, original files, and customer’s data in different places. All data is encrypted by KMS in each place.
End-user sensitive data is removed from logs and Flo engineers have no access to this data.
Flo stores all data such as metadata, activity, original files, and customer’s data in different places. All data is encrypted by KMS in each place.
End-user sensitive data is removed from logs and Flo engineers have no access to this data.
The Production network is isolated from other Staging, Development, and Infrastructure environments. Every environment is located on the separate AWS account into separate VPC networks.
The Production network is isolated from other Staging, Development, and Infrastructure environments. Every environment is located on the separate AWS account into separate VPC networks.
All payments are processed either by the App Store, Google Play or Stripe who take full responsibility for payment security. Flo doesn’t store any credit card information.
All payments are processed either by the App Store, Google Play or Stripe who take full responsibility for payment security. Flo doesn’t store any credit card information.
;)
;)
;)
;)
;)
If you have any questions or suggestions regarding security and privacy at Flo, send us a note at privacy@flo.health.