Data Security

Security of data is a core design requirement of the useMango™ system. The two key aspects of data security that are planned for in the design of useMango™ are

  • security from unauthorized access or theft
  • security from loss - either accidentally or through system failure

The main features of useMango™ that provide data security are:

User identity control

Users of the useMango™ system must be authenticated before any access is granted. Authentication is achieved by providing a secure password along with a user email address. An email address and password together form the basis of establishing the identity of a user. Authentication requests are required to be made over the TLS protocol 1.0 or later, and all identity information is encrypted whilst stored in the identity service.

Authorization control

All access to useMango™ services must be made through HTTPS network end points. All requests to system end points must be made over the TLS protocol 1.0 or later. Every request is inspected using the industry standard OAuth 2.0 authorization protocol and requests are granted or denied accordingly.

Data Encryption

All network traffic between client machines and useMango™ services is encrypted using HTTPS TLS security.

All system data that is written to disk for storage is written in an encrypted format using the 256-bit Advanced Encryption Standard (AES-256).

Multi-site storage

All system data is replicated six ways across three data centres in separate locations that are isolated from failures in the others.

Data Backup

All primary system data stored by useMango™ services is continuously backed up to a separate storage area. In addition, full snapshots of the data are created on a daily basis and are retained for 31 days.