At FastApps security of our customers data is our number one priority. We go to great lengths to prevent logging, storing, or saving users data.
Does FastApps store my data?
No, FastApps does not store any data returned from your API endpoints or DB queries. FastApps only acts as a proxy layer. Hence, as a user, when you query your database/API endpoint, the FastApps server only appends sensitive credentials before forwarding the request to your backend. The FastApps server doesn't expose sensitive credentials to the browser because that can lead to security breaches. Such a routing ensures security of your systems and data.
Security measures within FastApps
At FastApps, we believe in building applications that are secure-by-default. Security measures implemented for FastApps installations are:
- On FastApps Cloud, all connections are encrypted with TLS. For self-hosted instances, we offer the capability to setup SSL certificates via LetsEncrypt during the installation process.
- Encrypt all sensitive credentials such as database credentials with AES-256 encryption. Each self-hosted FastApps instance (coming soon) will be configured with unique salt and password values ensuring data-at-rest security.
- FastApps Cloud will only connect to your databases/API endpoints through whitelisted IP: 104.131.34.162. This ensures that you only have to expose database access to specific IPs when using our cloud offering.
- FastApps Cloud is hosted in DigitalOcean data centers on servers that are SOC 1 and SOC 2 compliant. We also maintain data redundancy on our cloud instances via regular backups.
- Internal access to FastApps Cloud is controlled through 2-factor authentication system along with audit logs.
- Maintain an open channel of communication with security researchers to allow them to report security vulnerabilities responsibly. If you notice a security vulnerability, please email security@fastapps.io and we'll resolve them ASAP.