Security & Reliability

These are the first priority at Mashoom. Our code and service are fundamentally built around security, and we use a range of bespoke and industry-standard techniques to secure your data. We also invest in comprehensive independent security reviews to cross-check our work. As security can’t be fully guaranteed by code alone, Mashoom will continue to develop methods that improve how our users use our service, so that they can play as much of a role in protecting their own data as we do.

Cyber-security is a very new and quickly developing field; more complex and widespread attacks are happening every day. At the moment, the only real way of staying secure is to keep up to date on new attack methods and continue to improve security practices ahead of a problem. Mashoom is both committed to this continual improvement, and is in a good position to provide updates quickly to all of our users.

Below is a list highlighting the existing features and systems Mashoom has in place to keep your data secure, and the service and file storage reliable. It is also worth stating that these features can be compared against securing and maintaining your own server, which is the alternative to a cloud-based service such as Mashoom.

  • Fully hosted on Amazon Web Services (AWS)
    • Using EC2, S3, RDS Aurora database, DynamoDB, SES, ELB, IAM, Route 53 and Code Commit (these are Amazon’s product names).
    • AWS has an impressive list of clients for each of their products, notably Netflix and all of Amazon’s other business ventures. Scalability and data durability are how they sell their product, and they are fast becoming a market leader.
    • All files are stored using their S3 product, which has a quoted durability of 99.999999999%.
    • We use a database cluster for raw data: multiple databases that synchronise with each other. This gives a big performance advantage, but also means that if one database fails both the data and the service are kept intact.
    • Amazon store the data for many high profile and high risk data sets. Please see https://aws.amazon.com/compliance/data-privacy-faq/. They are happy to auto-generate a compliance report.
    • It is worth saying that Amazon technically have access to Mashoom’s data (this is technologically the only way of providing a cloud service); however, they (and many other tech giants) are actively fighting various government organisations over handing over data that they have access to. This issue is industry-wide and much debate is taking place. Mashoom will continue to position itself in the most favourable position for our customers’ data privacy and security.
  • Any coders Mashoom employs are only given access to AWS’s Code Commit, as this is how we version control the Mashoom source code.
    • This can be set up using AWS’s native security features.
    • All database/resource passwords are stored and administered by AWS; there are no passwords written into the source code.
    • This means our coders only have access to our code, not our users’ data.
  • We employ SSL encryption and refuse any other connection, so data is secure on transmission (this is the padlock that appears next to the address bar of your browser).
    • This stops man-in-the-middle attacks, meaning Mashoom can be used safely from any location; no one can view or edit your data going to and from the Mashoom servers.
  • Every user has their own username and password
    • This is the only way to maintain security, as it fundamentally revolves around a user remembering a password that can’t be shared.
    • Passwords are hashed; it is impossible for anyone to obtain a user’s password from database information.
  • End-to-end control over user data
    • Mashoom doesn’t use any third parties other than AWS.
    • This means all data that is sent to Mashoom is processed and stored by Mashoom. This removes the chances of a third party compromising Mashoom’s security, or doing something unexpected with our data.
  • Fully GIT version controlled source code
    • This is a widely used system that version controls code line by line; it is impossible to make a change without it being logged.
    • It is very important in reducing bugs and allowing multiple coders to work effectively, and it also allows a complete code review process.
    • Our server setup is written into our source code, so we know and can control precisely the environment the code runs in.
  • Mashoom only has our code running in a single location, under one version control system
    • If we have a problem or a bug, the issue can be resolved and uploaded to our web servers to be distributed to everyone instantly.
    • This also means that all the improvements we make to Mashoom benefit every user, and we know every user of Mashoom is using the same version of our software.
    • In most cases users won’t notice that an update has been performed on the website; there is no need for down time.
    • We also employ “blue-green deployment” methods: if an update fails, the previous version is quickly reverted to.

Mashoom employs many features within its code that put security layers in place, making it easy to check that code is secure and preventing coders from writing insecure code.

  • Every database connection Mashoom performs is done through a single programming object and its methods. This is unique to the Mashoom framework.
    • This means all security features, improvements and bug fixes can be applied to this one piece of code, and its benefits apply across Mashoom.
    • This is a very well tested piece of code, now a year and a half old and used in almost every script on Mashoom.
    • We can confidently say we are immune to XSS and SQL injection attacks; these are some of the most common and dangerous cyber-attacks.
    • This also means we know no data can cross between separate teams on Mashoom without authorisation.
  • We only use open-source sub-components
    • These include PHP, MySQL and a set of other well-known libraries/languages.
    • Amazon’s code for communicating with the cloud is also distributed like this.
    • Because this code is public it is scrutinised, and therefore improved, more than most, if not all, commercial alternatives. It is also in the public domain, so there are no hidden back doors.
    • It is regularly updated.
  • Standard practice has been used for all security procedures, taken from multiple reliable sources
    • Features like password recovery and “remember me” are an easy way to unknowingly write a backdoor into your system.
    • We have spent a lot of time finding out how to implement these features (and any others like them) safely.
    • User and team privacy has also been considered; only usernames and team references are considered public information, and even these can’t be guessed through a trial-and-error attack.
  • Very high coding standards
    • Any error in the code is considered fatal during development; in production, every error is recorded. This record is checked regularly to fix bugs, and bugs are often found that the user wouldn’t have been aware existed at all.
    • Mashoom also has many failure conditions written into it, most of which are fatal. This essentially checks that all the functions/methods of Mashoom are being used correctly.
    • Database transactions are used to make sure that data integrity is maintained even after a fatal error: changes to the database are held back while the script executes, and only if the entire script succeeds are those changes made permanent.
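As an added example (not Mashoom’s code; their framework is PHP and MySQL, whereas this uses Python with an in-memory SQLite database so it runs stand-alone), a single database gateway object of the kind described above: every statement binds its values as parameters, the team filter is applied inside the gateway rather than by the caller, and `run_script` commits only if the whole unit of work succeeds. The table, the file names and the `Db` class name are all constructed for this illustration.

```python
import sqlite3


class Db:
    """Single gateway for all database access (constructed example): every
    statement is parameterised, every team-scoped read is filtered by team_id
    inside the gateway, and run_script commits only if the whole unit of work
    succeeds."""

    def __init__(self):
        # isolation_level=None: we issue BEGIN/COMMIT/ROLLBACK ourselves.
        self._conn = sqlite3.connect(":memory:", isolation_level=None)
        self._conn.execute(
            "CREATE TABLE files (id INTEGER PRIMARY KEY, team_id INTEGER, name TEXT)")

    def execute(self, sql, params=()):
        # Values are always bound as parameters, never pasted into the SQL text.
        return self._conn.execute(sql, params)

    def add_file(self, team_id, name):
        self.execute("INSERT INTO files (team_id, name) VALUES (?, ?)", (team_id, name))

    def team_files(self, team_id):
        # The team filter is applied here, so a caller cannot forget it and
        # read another team's rows.
        rows = self.execute("SELECT name FROM files WHERE team_id = ?", (team_id,))
        return [r[0] for r in rows]

    def run_script(self, work):
        """Run work(db) inside one transaction; roll back on any error."""
        self.execute("BEGIN")
        try:
            work(self)
            self.execute("COMMIT")
            return True
        except Exception:
            self.execute("ROLLBACK")
            return False


def demo():
    db = Db()
    # A value that would change the query if interpolated is stored literally.
    db.add_file(1, "x' OR '1'='1")
    db.add_file(2, "team2-report.pdf")

    def failing(d):  # a script that dies half way leaves no partial change
        d.add_file(1, "partial.txt")
        raise RuntimeError("fatal error half way through the script")

    committed = db.run_script(failing)
    return db.team_files(1), db.team_files(2), committed
```

`demo()` returns the two teams’ file lists and `False` for the failed script: the quote-laden name is stored as plain text, team 2 never sees team 1’s rows, and `partial.txt` was rolled back.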

Other security notes

  • Two-factor authentication is on its way!
  • DDoS (Distributed Denial of Service) attacks are currently a concern to everyone in this industry. We are well suited to deal with them given AWS’s capabilities, but Mashoom also isn’t a good target given the history of these attacks. It’s important to remember that these attacks can’t steal information, just prevent access to it via normal means for as long as the attack holds out (which by its nature can’t be “forever”).
  • Currently we have the following password policy: “must be over 6 characters long and not your name, username or one of the 10,000 most used passwords”. We think this is a fairly robust policy, but we may upgrade it in the future.
  • Currently we don’t enforce password renewals, but again this is subject to change.
  • Unfortunately, the most likely cyber-attack on our users is a phishing email. These are emails that look genuine in order for you to click on a link, either to obtain secret information or download a virus. Mashoom can’t fundamentally protect against this type of attack but we are working on some methods to better inform users to try and reduce the risk.
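As an added example (not Mashoom’s code, written in Python rather than their PHP), the password policy quoted above implemented as a check, alongside the salted hashing that means the stored value cannot be turned back into the password. The small common-password set stands in for the 10,000-entry list, the case-insensitive comparison and the PBKDF2 work factor are assumptions, and the function names are constructed.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the 10,000 most used passwords (assumption: the
# real list is loaded from a file).
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "football"}

ITERATIONS = 200_000  # PBKDF2 work factor (assumption; tune for the server)


def password_allowed(password, name, username, common=COMMON_PASSWORDS):
    """Apply the policy: over 6 characters, not the user's name or username,
    not a commonly used password. Comparisons are case-insensitive (assumption)."""
    if len(password) <= 6:
        return False, "must be over 6 characters long"
    lowered = password.lower()
    if lowered in (name.lower(), username.lower()):
        return False, "must not be your name or username"
    if lowered in common:
        return False, "is one of the most used passwords"
    return True, "ok"


def hash_password(password, salt=None):
    """Return a self-describing salted hash; only this string is stored."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"pbkdf2_sha256${ITERATIONS}${salt.hex()}${digest.hex()}"


def verify_password(password, stored):
    """Recompute the hash from the stored salt and compare in constant time."""
    algo, iterations, salt_hex, digest_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), digest_hex)
```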