3 Fundamental Best Practices for Enterprise Security

Lakshmi Devan
Senior Manager Content @ Builder.ai®
June 23, 2020
It goes without saying that the COVID-19 pandemic has upended every aspect of our daily lives - from work and financial security to mental health and leisure. And Builders, unfortunately, it doesn’t end there. At this time of heightened vulnerability, business institutions across the globe have also been witnessing an alarming rise in cyber-attacks.

At the beginning of March this year, hackers attempted to break into the email accounts of World Health Organisation staff members. Around the same time, the Department of Health and Human Services (HHS) faced a security breach. After picking up on the increase in activity, security employees monitored and fought the breach for several hours.

In case you missed it, recently the National Cyber Security Centre (NCSC) and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory against government-backed hackers attacking healthcare and research institutions during COVID-19. “CISA and NCSC continue to see indications that advanced persistent threat (APT) groups are exploiting the Coronavirus Disease 2019 (COVID-19) pandemic as part of their cyber operations,” the agencies said in a statement.

But there is enough evidence to show that the interest of attackers goes beyond just these institutional giants. If you ask us, every business, big or small and irrespective of industry, from finance, law and nonprofits to fashion and education, is equally at risk.

So, that brings us to the big question:

What can you do as a business owner to protect your data in 2020?

Since cybercriminals continue to get more innovative and find new ways to breach, the ideal practice is to keep your business’ cyber security policies up to the minute. Smart businesses recognise threats and eliminate risks early to keep their data safe and avoid any breaches. Don’t worry; we are here to help you get started. Be warned; this may get technical. We hope you have your tech dictionaries open, Builders.

Here are our 3 fundamental best practices for enterprise security in 2020:

1. A risk-based strategic approach to security.

Every industry, and every business within it, comes with its own set of specific hidden risks, so meeting standard regulations isn’t enough on its own. We recommend a regular risk assessment in which you identify all valuable assets, evaluate the efficacy of the current cyber security setup, and define the new strategy required to counter any new threats. This simple practice will help you avoid fines for failing to comply with regulations, remediation costs for potential breaches, and the losses from missing or inefficient processes.

2. Timely data backups

Ever since ransomware was introduced into our lives, having a full and current backup of all data has become almost standard practice in information security and deserves a mention here. Just to give you a clearer picture, here are some of our data backup and retention policies at Builder.ai:

· We have enabled EC2 server backups through AWS Lifecycle Manager and set a CloudWatch event for that function, which runs every midnight and backs up the EC2 server by creating an AMI of it.

· As a second option, we have scripts for backing up EC2 servers. For this we have launched a minimum-configuration server that holds the script, which runs every midnight and creates an AMI of the particular server.

· We have set the retention period so that an AMI is deleted 7 days after creation, and we have configured a Lambda function and a CloudWatch event for that. The second option is a script that deletes AMIs older than 7 days. For our RDS, we have enabled automatic backups of the RDS DB servers.
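
The 7-day retention rule above can be sketched as a selection function. This is an added example, not Builder.ai's script; the `SourceInstance` tag name and the image IDs are assumptions. It goes one step beyond the page by always keeping the newest AMI per server, so a failed nightly job cannot age out the last good backup.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape of `aws ec2 describe-images` output.
# The "SourceInstance" tag is a hypothetical marker set by the backup job.
SAMPLE_IMAGES = [
    {"ImageId": "ami-a0", "CreationDate": "2020-06-14T00:00:05.000Z",
     "Tags": [{"Key": "SourceInstance", "Value": "web"}]},
    {"ImageId": "ami-a1", "CreationDate": "2020-06-15T00:00:05.000Z",
     "Tags": [{"Key": "SourceInstance", "Value": "web"}]},
    {"ImageId": "ami-a2", "CreationDate": "2020-06-22T00:00:05.000Z",
     "Tags": [{"Key": "SourceInstance", "Value": "web"}]},
    # Only backup of this server: the nightly job has been failing since.
    {"ImageId": "ami-b1", "CreationDate": "2020-06-10T00:00:05.000Z",
     "Tags": [{"Key": "SourceInstance", "Value": "db-proxy"}]},
    # Untagged image that the backup job did not create.
    {"ImageId": "ami-c1", "CreationDate": "2019-01-01T00:00:00.000Z"},
]

def parse_creation_date(value):
    """Parse the CreationDate string format used by describe-images."""
    parsed = datetime.strptime(value, "%Y-%m-%dT%H:%M:%S.%fZ")
    return parsed.replace(tzinfo=timezone.utc)

def amis_to_deregister(images, now, retention_days=7, source_tag="SourceInstance"):
    """Return sorted IDs of backup AMIs past retention, keeping the newest per server."""
    cutoff = now - timedelta(days=retention_days)
    by_source = {}
    for img in images:
        tags = {t["Key"]: t["Value"] for t in img.get("Tags", [])}
        if source_tag not in tags:
            continue  # not created by the backup job: never touch it
        by_source.setdefault(tags[source_tag], []).append(img)
    expired = []
    for imgs in by_source.values():
        imgs.sort(key=lambda i: parse_creation_date(i["CreationDate"]))
        for img in imgs[:-1]:  # the last element is the newest backup: always kept
            if parse_creation_date(img["CreationDate"]) < cutoff:
                expired.append(img["ImageId"])
    return sorted(expired)

if __name__ == "__main__":
    now = datetime(2020, 6, 23, 0, 30, tzinfo=timezone.utc)
    print(amis_to_deregister(SAMPLE_IMAGES, now))
```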

3. The principle of least privilege

Critically evaluate and determine which stakeholders absolutely require privileged access to sensitive data, and restrict access wherever possible. The opposite scenario, where all new employees are granted privileges by default, increases the probability of data compromise by giving away sensitive data as soon as any of the employee accounts is hacked. For instance, here are our authority, access and data security policies at Builder.ai:

  • Access to information shall be restricted to authorized users who have a required business need to access the information.
  • Authorization to access the customer accounts must be granted by the designated business owner. An email from a customer and/or designated owner will be considered as approval.
  • We will provide required access on a least privilege basis to all services.

AWS Console and API Access

  • MFA shall be enabled for Root users of Builder.ai and all customer accounts.
  • Root users shall not be used for any operational activity.
  • Builder.ai resources shall use their Builder.ai IAM or SSO user with MFA enabled to access customer resources accounts.
  • Builder.ai Admin shall delegate client access to resources as per requirement.
  • All programmatic access shall be via IAM roles.
  • All users will only have access to the privileges they need and no more.
  • An IAM user shall have either password or the keys. Passwords shall be used to access AWS console and keys for programmatic access only. One IAM user shall never be used for both purposes.
  • We check MFA activation every 3 months for all AWS accounts.
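
A periodic check of the MFA and "password or keys, never both" rules above can be run over the IAM credential report. This is an added example, not Builder.ai's tooling; the sample rows are constructed and contain only the report columns the check reads.

```python
import csv
import io

# Constructed sample using column names from the IAM credential report.
SAMPLE_REPORT = """\
user,password_enabled,mfa_active,access_key_1_active,access_key_2_active
<root_account>,not_supported,false,false,false
alice,true,true,false,false
bob,true,false,true,false
ci-deploy,false,false,true,false
carol,true,false,false,false
"""

def audit_credential_report(report_csv):
    """Return sorted (user, finding) tuples for violations of the rules above."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"
        has_mfa = row["mfa_active"] == "true"
        has_keys = "true" in (row["access_key_1_active"],
                              row["access_key_2_active"])
        # The report shows "not_supported" for the root password; root can
        # always sign in to the console, so it is checked separately.
        has_password = row["password_enabled"] == "true"
        if is_root:
            if not has_mfa:
                findings.append((user, "root without MFA"))
            if has_keys:
                findings.append((user, "root has active access keys"))
            continue
        if has_password and has_keys:
            findings.append((user, "password and access keys on one user"))
        if has_password and not has_mfa:
            findings.append((user, "console user without MFA"))
    return sorted(findings)

if __name__ == "__main__":
    for user, finding in audit_credential_report(SAMPLE_REPORT):
        print(f"{user}: {finding}")
```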

Remote Access to client servers by Builder.ai resources

  • Builder.ai has its own Private Cloud Infrastructure in AWS.
  • All Builder.ai Windows laptop devices shall be secured by Windows Defender Antivirus.

Direct Access

  • Builder.ai resources shall use their Builder.ai user with MFA to access customer resources accounts.
  • Records of all the users having access to specific internal and customer information are maintained.

Furthermore, here are some of the top recommendations we share with our customers:

  • Firewall ports such as SSH and DB ports should be restricted from public access. SSH should only be allowed from specific IPs, and DB ports should only be opened to the private IP addresses of the EC2 servers.
  • Use a “Bastion” host and keep your instances in private mode so that there is no chance of accessing those instances directly.
  • Keep passwords protected and don't share them with anyone else.
  • Use NACL rules to restrict traffic in and out of one or more subnets. A network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic; by default it allows all inbound and outbound IPv4 traffic and, if applicable, IPv6 traffic.
  • Use a VPC endpoint to transfer data from one AWS resource to another, e.g. from EC2 to S3, so that the data travels on the AWS private network, which makes the data more secure and also increases the transfer speed.
  • Use an IPsec VPN to transfer data from on-premise DCs to AWS so that the data transfers securely.
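
The first recommendation above (SSH only from specific IPs, DB ports only from private addresses) can be checked against security group rules. This is an added example, not code from the original post; the group IDs, admin IP and DB port list are assumptions, and it inspects only IPv4 `IpRanges` entries.

```python
import ipaddress

SSH_PORT = 22
DB_PORTS = (3306, 5432)                    # assumption: MySQL and PostgreSQL
ALLOWED_SSH_SOURCES = {"203.0.113.10/32"}  # assumption: one admin IP
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample in the shape of `aws ec2 describe-security-groups` output.
SAMPLE_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "203.0.113.10/32"}]}]},
    {"GroupId": "sg-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.1.25/32"}]},
        {"IpProtocol": "tcp", "FromPort": 5432, "ToPort": 5432,
         "IpRanges": [{"CidrIp": "198.51.100.0/24"}]}]},
    {"GroupId": "sg-legacy", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

def is_private_source(cidr):
    """True when the whole CIDR lies inside an RFC 1918 private range."""
    net = ipaddress.ip_network(cidr, strict=False)
    return any(net.subnet_of(private) for private in RFC1918)

def audit_security_groups(groups):
    """Return (group_id, port, cidr) for inbound rules that break the policy."""
    findings = []
    for group in groups:
        for perm in group.get("IpPermissions", []):
            if perm.get("IpProtocol") == "-1":
                lo, hi = 0, 65535  # "-1" means all protocols and all ports
            elif perm.get("IpProtocol") == "tcp":
                lo, hi = perm["FromPort"], perm["ToPort"]
            else:
                continue
            for rng in perm.get("IpRanges", []):
                cidr = rng["CidrIp"]
                if lo <= SSH_PORT <= hi and cidr not in ALLOWED_SSH_SOURCES:
                    findings.append((group["GroupId"], SSH_PORT, cidr))
                for port in DB_PORTS:
                    if lo <= port <= hi and not is_private_source(cidr):
                        findings.append((group["GroupId"], port, cidr))
    return findings
```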

Data security may be a moving target, but choosing the right partner for your business can get you a lot closer to it. And we pride ourselves on being one of the most secure choices for our clients. So, if you’re looking for a partner in your digital transformation journey, we are here to support you with all your needs including cloud adoption and software after-care. Does that sound good to you? Then click right here and reach out to us for more information.
