Security Policy

Introduction

At Mechanical Rock, we understand that security is of fundamental importance to your organisation and is foundational to everything we do. This security policy summarises the security controls we have in place.

Security Framework

Tenancy Model

WayFinder compartmentalises your data into isolated tenants. Management operations are performed through shared-tenant services using least privilege authorisation policies that prevent access to your data.

Data Movement

  • Data movement is configured through isolated configuration per organisation with isolated role permissions.
  • In flight sessions run on ephemeral compute with no use of temporary storage. Execution context and authorisation is maintained by isolated configuration preventing the possibility of any cross-tenant access.

Data Storage

  • Data is stored in isolated databases.
  • Role based access control limit access to a single database only.
  • Ingestion (write) and analysis (read) roles are segregated.

Secrets and Access Keys

Your access keys and credentials for connected systems are retained in order to continuously extract data. Authorised WayFinder operations staff may use your access keys to troubleshoot your issues.

All secrets are stored in a secure encrypted vault managed by our cloud provider. Customer secrets are encrypted using dedicated encryption keys per customer.

Encryption

Information is encrypted in transit and at rest.

Zero Trust Model

Services operate following a zero-trust model:

  • Ephemeral compute services run in an assigned least-privilege authorisation context.
  • Ephemeral compute runs under services managed under AWS Global Network Security Principles.
  • All operations require an authorisation context which is validated before processing takes place.
  • System-system authentication is controlled through dedicated system-provisioned certificate/credential exchange. Message signing and verification are used ensure data authenticity.
  • External endpoints are protected through Web Application Firewalls protecting against OWASP Top 10 attacks.

Cloud Native Services

We use third party systems to process your data, including Fivetran and Snowflake. WayFinder runs our services on Amazon Web Services.

AWS

AWS accounts are managed according to AWS best practices.

WayFinder compute and data are managed within a single AWS account and deployed according to our tenancy model. AWS IAM Roles and Policies enforce resource isolation boundaries and prevent unauthorised access.

AWS hold a variety of security and compliance certifications including SOC 1/2-3, PCI-DSS, ISO27001 and IRAP.

Fivetran

Data movement between your systems and WayFinder is managed using Fivetran.

Fivetran maintain compliance with a number of standards including SOC 2 Type 2, ISO 27001, PCI-DSS, EU 94/95 privacy rules, GDPR and HIPAA standards.

Snowflake

Snowflake maintain strong security and data policies and maintain compliance with a number of standards including SOC 1/2, ISO 27001, and IRAP standards.

Security Operations

Identity and Access Control

Access control for WayFinder operations staff to all systems is managed through SSO services, with strong password policies and use of Multi Factor Authentication (MFA) mandated.

Role based access controls limit access to your data to authorised personnel only.

Compliance, Monitoring and Alerting

Security governance guardrails are categorised into:

  • Awareness Controls: awareness training to understand the existence of threats and appropriate countermeasures.
  • Preventative Controls: proactively prevent issues from happening.
  • Detective controls: identify threats as soon as possible.
  • Remediation controls: when incidents do occur, how we respond to minimise the impact.

We use a combination of controls at all levels in order to maintain a strength-in-depth security posture.

  • WayFinder has deployed anomaly detection security monitoring for cloud configuration and audit events.
  • All cloud resources are continuously evaluated against automated detective compliance checks against our security policy.
  • We have automated remediation controls in place to automatically resolve threats as soon as they are identified. For example, in the event that our other security protocols and procedures are violated and an S3 bucket is made public, our automated controls will make the bucket private in <1s.

In the event that detective or remediation controls are triggered, automated notifications raise awareness to our operations teams for further investigation.

Where required, our escalation procedures then trigger our incident response processes.

Secure Coding

Configuration control is managed through our robust software delivery practices. All production changes are managed through our GitOps processes using infrastructure as code and following our peer review processes.

We use automated SAST code scanning and dependency scanning tools to detect code vulnerabilities. Issues and remediations are integrated directly into our SDLC process in order to minimise time to resolution.

Incident Response

Our incident response processes ensure our operations team are prepared and able to respond to incidents affecting WayFinder and its users.

Our unified approach to incident response ensures operations teams are practised in responding to issues, irrespective of their nature.

Our incident response process covers:

  • Contain - Stop an active attack, with defined lock-down procedures
  • Analyse - Investigate the specifics of an attack to understand how they got in and what damage they caused
  • Control - Plug the gap to prevent any further breach and restore service
  • Post-mortem - Examine our response; learn from it and introduce countermeasures as necessary to mitigate the risk in future.

Audit

Audit and access logs are maintained in tamper proof environments to assist incident response.

Cloud audit trails are monitored by our automated anomaly detection systems and linked to our alerting systems to notify us of any suspicious behaviour.