We deploy our app on dedicated Heroku instances in US East behind an nginx load balancer. Our core database runs on AWS Aurora Postgres, which offers out-of-the-box replicas and multi-availability-zone failover. We also make use of a number of other cloud service providers for data, storage, monitoring, and notifications. (See list below.) We vet all third-party service providers carefully before using them.
We engage third-party vendors to do penetration tests and security audits on at least an annual basis, with our most recent one in January 2020. Reports are available upon request.
We have a 24/7/365 on-call rotation, which will respond immediately to security incidents. We also respond quickly and transparently to bug and security reports.
All core client data is stored in AWS Aurora Postgres, accessed only over HTTPS and encrypted at rest. We enforce access control policies on all customer data exposed through the application and our APIs.
We follow the principle of least privilege in granting employees access to core data, and allow access to private customer data for debugging purposes only. We enforce two-factor authentication and single sign-on for all core services where available, including G Suite, Heroku, AWS, Cloudflare, and GitHub.
Our core application is written on top of the Django web framework, which is open source and enforces a number of web security measures out of the box, including encrypted cookies, cross-site scripting (XSS) prevention, and cross-site request forgery (CSRF) prevention.
All traffic is served over HTTPS only and uses HSTS. All traffic is also behind Cloudflare DDoS and firewall protection.
The vast majority of our users authenticate through a Google login, Facebook login, or passwordless one-time-token system over email. In the few cases where we provide passwords (only upon request), they are hashed using bcrypt, salted and peppered.
We use a number of third parties to provide the MobilizeAmerica services. All have been vetted to our security and availability standards. The core services we rely on are:
- Heroku: Cloud infrastructure hosting, where our servers run
- AWS: Cloud infrastructure, specifically Aurora Postgres for our product database and S3 for file storage, as well as other tools for ancillary services
- Cloudflare: Network infrastructure and CDN, including DNS, web application firewall, caching, and edge computing
- Algolia: Cloud search, for event and user search and filtering
- RedisLabs: Cloud Redis, for worker queues and application caching
- Imgix: Image CDN and proxy
- Mailgun: Transactional email
- Twilio: Transactional SMS
In addition, we make use of the following third parties to provide non-core functionality, monitoring, or analytics:
- New Relic: Monitoring
- Datadog: Monitoring
- LogDNA: Log aggregation
- Segment: Analytics and ETL
- VividCortex: Monitoring
- Sentry: Error aggregation
- Pingdom: Uptime monitoring
- Intercom: User support
- Amplitude: Analytics
- Google Analytics: Analytics
- Google Tag Manager: Analytics
- Facebook: User analytics and ad targeting