Organization of Information Security
Security coordination is managed by Nativo CTO and Director of DevOps. Security and system patching is built into the release process. Nativo uses Green/Blue deployment, which means servers are replaced during every release.
- Nativo has implemented least privilege access management model (see https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#grant-least-privilege for further information).
- Nativo Engineering can only access systems based on team role and requires two-factor authentication.
- Nativo AWS Environment is monitored with AWS CloudTrail for Auditing and AWS Cloudwatch for Alerting.
- Nativo has internal monitoring per application using Elastic Stack (Elasticsearch, Logstash, Kibana).
- Employees in critical roles are trained on our data protection policies.