Security
Firewalls
One of Bitfount's fundamental architectural choices, and one that sets it apart from many other federated architectures, is that it follows a messaging architecture. Services that connect to Bitfount make only outgoing HTTP connections, so they can sit behind a firewall.
Communication protocols
All data entering or leaving Pods uses TLS/HTTPS, and all messages are end-to-end encrypted. This removes any requirement to trust Bitfount with respect to the raw Pod data or analysis outcomes.
Your data (accessed via Bitfount Pods)
Data accessed via Bitfount Pods can be hosted locally or in cloud infrastructure. Data never leaves the Pod and is not accessible to Bitfount unless access is granted.
The only Pod information shared with Bitfount is metadata. More information on the metadata Bitfount has access to can be found in our privacy policy.
Securing your network
We recommend several network security controls for running a Pod:
- By default, all code that runs is pre-installed with your Pod and can only be called through configuration options. This can be overridden if you want to use custom models, but this option should only be enabled for highly trusted users (e.g. employees of your organisation).
- Pods should be run within a Docker container with limited access to the rest of your network. You should only allow these Docker containers access to the specific data that you want to make available.
- We recommend that any data that you make available is a copy of source data.
- Any connections to databases should be set to be read-only.
- Pods can be set to refuse specific jobs or require privacy settings regardless of what has been set in the access manager. This gives additional assurance that specific operations can never happen.
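One way to check a running Pod container against the container recommendations above, as an added example that is not Bitfount's own code. It audits `docker inspect` output; the container name, paths and the `audit_pod_container` helper are hypothetical, and treating writable mounts as a finding is an assumption that extends the read-only database advice to mounted data.

```python
import json

# Constructed sample: trimmed `docker inspect` output for a hypothetical Pod container.
SAMPLE_INSPECT = json.loads("""
[{
  "Name": "/example-pod",
  "HostConfig": {
    "NetworkMode": "host",
    "Privileged": false,
    "PortBindings": {"8080/tcp": [{"HostIp": "0.0.0.0", "HostPort": "8080"}]}
  },
  "Mounts": [
    {"Type": "bind", "Source": "/srv/pod-data-copy", "Destination": "/data", "RW": true},
    {"Type": "bind", "Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock", "RW": true}
  ]
}]
""")

def audit_pod_container(container, allowed_sources):
    """Return a list of findings for one `docker inspect` container object."""
    findings = []
    host = container.get("HostConfig", {})
    if host.get("NetworkMode") == "host":
        findings.append("host-network: container shares the host network stack")
    if host.get("Privileged"):
        findings.append("privileged: container runs with --privileged")
    # A Pod only makes outgoing connections, so no port needs publishing.
    for port, bindings in (host.get("PortBindings") or {}).items():
        if bindings:
            findings.append(f"published-port: {port} is reachable from outside")
    for m in container.get("Mounts", []):
        src = m.get("Source", "")
        if not any(src == a or src.startswith(a.rstrip("/") + "/") for a in allowed_sources):
            findings.append(f"unexpected-mount: {src}")
        elif m.get("RW"):
            findings.append(f"writable-mount: {src} should be mounted read-only")
    return findings

if __name__ == "__main__":
    for c in SAMPLE_INSPECT:
        for f in audit_pod_container(c, ["/srv/pod-data-copy"]):
            print(c["Name"], f)
```

To audit a real container, pass the parsed output of `docker inspect <container>` together with the list of host directories that hold the data copies you intend to expose.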
Bitfount's own security
As you might imagine, Bitfount takes security very seriously. Security is a core part of what our product aims to help with! The following are some of the things we are doing to make sure our own code and infrastructure are secure:
- Automated security tests on all our code
- Regular penetration tests on all our services
- Monitoring tools to try to catch intrusions and incidents
- Segregated production environment with limited human access
- Various process-level security policies, including a secure development policy
- ISO 27001 certification
- Access to the Hub and Access Managers is protected by strong authentication and authorization controls, with user passwords not being held by Bitfount.
- Bitfount's authentication (Auth0) and infrastructure (AWS) providers hold industry-leading security certifications such as SOC 2 Type II, ISO 27018 and ISO 27001.