Describe the network protection controls used by your organization to restrict public access to databases, file servers, and desktop/developer endpoints.
- Access to the Amazon Aurora database through the network is disabled and standard ports are closed. The database is only accessible through a socket on the server itself.
- The reverse proxy only serves whitelisted directories that are only from sources controlled by Teecom used (AWS Amplify).
- API endpoints are password protected (PBKDF2 & SHA512 encryption, salted, and stretched for thousands of rounds).
- Login credentials are always transmitted securely over SSL.
Describe how your organization individually identifies employees who have access to Amazon Information, and restricts employee access to Amazon information on a need- to-know basis.
- If all your employees are properly assigned separate users and given only relevant access rights: Access rights are provided to employees based on their role within the company and are progressive, base