It’s all about Security

Defense subcontractors trust FutureFeed with their data, and this responsibility is something we take very seriously! We combine enterprise-class security features, serious logging and auditing of our infrastructure, access and data to ensure customer data is always protected. Our customers rest easy knowing their information is safe, and their compliance data secure.

Classified and Export Controlled Information Notification

Although FutureFeed is designed to meet or exceed the security requirements in NIST SP 800-171, FutureFeed may not be used to store or process any US Government information, including classified information or information subject to export controls (e.g, ITAR, EAR, CUI with NOFORN or RELTO markings, etc.). All clients are responsible for ensuring that information submitted to FutureFeed meets these requirements.

Data Center Security

We ensure the confidentiality and integrity of your data with industry best practices. FutureFeed hosts its service and client data on AWS Govcloud. Our Security Team is on call 24/7 to respond to security alerts and events

Read more

AWS Govcloud

FutureFeed uses AWS Govcloud for the storage of all uploaded documents. AWS Govcloud is rated as FedRamp High.

Read more

Application Security

We take steps to securely develop and test against security threats to ensure the safety of our customer data. In addition, FutureFeed employs third-party security experts to perform detailed penetration tests on different applications within our family of products.

Read more

Product Security Features

We make it seamless for customers to manage access and sharing policies with multi-factor authentication. All communications with FutureFeed servers are encrypted using industry standard HTTPS over public networks, meaning the traffic between you and FutureFeed is secure.

Read more

US Based Data Processing and Storage

All client data is stored, processed, and retained on U.S. based infrastructure. To help troubleshoot problems within a client account, FutureFeed may access client data. All such access is logged and initiated by background checked, U.S. citizen-based support representatives. Client screenshares may be used from time to time in support of client needs. All such access occurs only when initiated by the client in a session that clearly identifies the remote session. Screenshare sessions are logged.

Read more

Best Practices

FutureFeed provides a range of security options to ensure data is protected and secure. But an ounce of prevention is worth a pound of cure. By following these best practices, you can increase the security of your FutureFeed.

  • Never give out usernames, email addresses, or passwords.
  • Limit the number of users with administrator access.
  • Use multi-factor authentication to secure your account.

Read more

Data center & network security

Physical Security

Facilities

FutureFeed hosts service data on AWS Govcloud.

AWS Govcloud infrastructure services includes back-up power, HVAC systems, and fire suppression equipment to help protect servers and ultimately your data.

On-site Security

FutureFeed hosts service data on AWS Govcloud.

AWS Govcloud infrastructure services includes back-up power, HVAC systems, and fire suppression equipment to help protect servers and ultimately your data.

Monitoring

FutureFeed hosts service data on AWS Govcloud.

AWS Govcloud infrastructure services includes back-up power, HVAC systems, and fire suppression equipment to help protect servers and ultimately your data.

Location

FutureFeed hosts service data on AWS Govcloud.

AWS Govcloud infrastructure services includes back-up power, HVAC systems, and fire suppression equipment to help protect servers and ultimately your data.

Network Security

Dedicated Security Team

Our Security Team is on call 24/7 to respond to security alerts and events.

Protection

Our network is protected through the use of key AWS security services, integration with our Cloudflare edge protection networks, regular audits, and network intelligence technologies which monitor and/or block malicious traffic and network attacks.

Architecture

Our network security architecture consists of multiple security zones. More sensitive systems, like database servers, are protected in our most trusted zones. Other systems are housed in zones commensurate with their sensitivity, depending on function, information classification, and risk. Depending on the zone, additional security monitoring and access controls will apply. DMZs are utilized between the Internet, and internally between the different zones of trust.

Network Vulnerability Scanning

Network security scanning gives us deep insight for quick identification of out-of-compliance or potentially vulnerable systems.

Security Incident Event Management (SIEM)

Our Security Incident Event Management (SIEM) system gathers extensive logs from important network devices and host systems. The SIEM alerts on triggers which notify the Security team based on correlated events for investigation and response.

Intrusion Detection and Prevention

Service ingress and egress points are instrumented and monitored to detect anomalous behavior. These systems are configured to generate alerts when incidents and values exceed predetermined thresholds and use regularly updated signatures based on new threats. This includes 24/7 system monitoring.

Threat Intelligence Program

FutureFeed participates in several threat intelligence sharing programs. We monitor threats posted to these threat intelligence networks and take action based on our risk and exposure.

DDoS Mitigation

FutureFeed has architected a multi-layer approach to DDoS mitigation. A core technology partnership with Cloudflare provides network edge defenses, while the use of AWS scaling and protection tools provide deeper protection along with our use of AWS DDoS specific services.

Logical Access

Access to the FutureFeed Production Network is restricted by an explicit need-to-know basis, utilizes least privilege, is frequently audited and monitored, and is controlled by our Operations Team. Employees accessing the FutureFeed Production Network are required to use multiple factors of authentication.

Security Incident Response

In case of a system alert, events are escalated to our 24/7 teams providing Operations, Network Engineering, and Security coverage. Employees are trained on security incident response processes, including communication channels and escalation paths.

Encryption

Encryption in Transit

Communications between you and FutureFeed Support Chat and Screensharing servers are encrypted via industry best-practices HTTPS and Transport Layer Security (TLS) over public networks. TLS is also supported for encryption of emails.

Encryption at Rest

Customers of FutureFeed benefit from the protections of encryption at rest for their data. Service Data is encrypted at rest in AWS using AES 256 key encryption.

Availability & Continuity

Redundancy

FutureFeed employs service clustering and network redundancies to eliminate single points of failure. Our strict backup regime and/or our Enhanced Disaster Recovery service offering allows us to deliver high level of service availability.

Disaster Recovery

Our Disaster Recovery (DR) program ensures that our services remain available or are easily recoverable in the case of a disaster. This is accomplished through building a robust technical environment, creating Disaster Recovery plans, and testing activities.

Application Security

Authentication

To prevent unauthorized account access, a strong passphrase is used for both our AWS user account and SSH keys. SSH keys are stored securely to prevent disclosure. SSH keys are replaced if lost or disclosed.

Secure Development Practices

FutureFeed applies development best practices for our development language(s) and framework(s) to mitigate known vulnerability types such as those on the OWASP Top 10 Web Application Security Risks.