Security overview

ProdPad is a multi-tenancy SaaS tool that is hosted on AWS in the EU (Ireland). Single tenancy and on-premise versions are also available. 

The security of the application is based on two concepts:

  • Defense in depth
  • Zero Trust

With defense in depth we use layers of protection (e.g. multiple different levels of firewall and access control) rather than rely on a single layer of security. 

Zero Trust model requires each person/entity to continually authenticate and authorize access. This also involves isolating different parts of the infrastructure from other parts and only opening ports/channels/methods that are needed. 

In terms of backup and disaster recovery, we use Amazon's RDS to provide the database. RDS performs nightly backups that are stored in S3 and we also use point-in-time logging. This allows us to restore the database to within 1-5 mins of when the database goes down. As we use AWS we can re-create the instance of ProdPad, including app servers and database servers, in another region, should there be an extended downtime in the current region. The app servers are maintained by Chef allowing us to re-create exact replica within minutes.Finally, in terms of our internal processes and policy, we don't have easy access to your ideas and data (ie.we can't simply log in as you to see what's in your account), and we only dig into the logs or the database when specifically required for troubleshooting. We don't resell or reuse your data in any way, nor do we have plans to (our business model is to provide tools to save you time and effort, not to attract advertisers or buyers like you'd expect from a free service, for example).

If you have any questions please drop us a line at hello@prodpad.com.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us