We go to considerable lengths to ensure that all data sent to Clinch is handled securely — keeping Clinch secure is fundamental to the nature of our business. We want to share some of the details of what we do to keep things secure.
Our team includes people who’ve played lead roles in designing, building and operating highly secure Internet facing systems, such as Internet Banking platforms, cloud services and payment processing systems for companies such as banks and telecom operators.
All of our services and data are hosted in Amazon Web Services facilities. Further details about the considerable measures Amazon take in securing their facilities and services can be found here: https://aws.amazon.com/security/ and https://aws.amazon.com/compliance/
All changes made to our production system are logged to a dedicated audit service. This audit service is provided by AWS CloudTrail product.
Access to production systems is granted on a need basis. All access can only be approved by the Clinch CTO.
Service personnel use AWS Identity and Access Management (IAM) service to provide their access to relevant services within our production environment. Passwords are expired and rotated on a 30 day basis.
Additionally, all service personnel IAM accounts are protected by Two Factor Authentication; providing protection even in the unlikely event of an account password being compromised. All access and changes are audited by the audit service.
We engage independent third party security and penetration testing on a regular basis, to ensure the security and resilience of our service.
Additionally, some of our customers perform their own security tests regularly, and this is something we encourage and co-operate with.