- Why Us
System Architecture & Security Practices (Updated June 14, 2022)
Data Center Hosting
Logging & Monitoring
Data Access Controls
This document is intended for IT Architects, Quality and Risk Assessors. We provide high-level details about the architecture, security practices, and operating model for the purposes of assessing the fit of the Greenlight Guru Services within your enterprise IT architecture. The document assumes a level of understanding of SaaS and Public Cloud infrastructure.
The Greenlight Guru services are operated on a multitenant architecture at both the platform and infrastructure layers that are designed to segregate and restrict access to the data you and your users make available via the Greenlight Guru services.
Greenlight Guru services are web-based. Customers interact with the system through a modern browser application. The web application is built using a service-based architectural style where each internal service is responsible for a non-overlapping subset of the application’s processing.
Greenlight Guru strives to maintain the confidentiality, availability, and integrity of data and services by proactively mitigating cybersecurity risks and helping customers meet regulatory demands.
The Greenlight Guru services are hosted over the Internet on a “Public Cloud”, which are computing services offered by third-party providers to anyone who wants to use or purchase them. Like all cloud services, a public cloud service runs on remote servers that a provider manages. Greenlight Guru assumes responsibility for the security, availability, and performance of the services we provide, the systems they run on, and the environments within which those systems are hosted.
Greenlight Guru uses the public cloud infrastructure provided by Amazon Web Services, Inc. (“AWS”) to host and process Customer Data submitted to the Greenlight Guru services. The production environment within AWS where the Greenlight Guru Services and Customer Data are hosted are logically isolated in a Virtual Private Cloud (VPC). Customer Data stored within AWS is encrypted at all times. AWS does not have access to unencrypted Customer Data.
Information about the security provided by AWS is available from the AWS Security website. Information about security and privacy-related audits and certifications received by AWS, including information on ISO 27001 certification and SOC reports, is available from the AWS Compliance website.
Greenlight Guru Services are built on the software-defined networking concepts of the Public Cloud with AWS-specific implementation details. Our networks are built in layers. We use the controls available at each layer to bolster our network's overall security and reliability. Greenlight Guru service runs in multiple independent geographic regions. Each region has one or more Virtual Private Clouds (VPCs) that define a private address space to isolate resources - our private space on the Public Cloud. We further divide the VPC into layers using subnets with access control rules appropriate for the security of the services hosted on those subnets. Each of our network hosts makes use of AWS security groups to limit exposed ports and provide granular access restrictions to discrete resources on the network.
Greenlight Guru uses independent VPCs for each class of environment - from development to production. These independent VPCs strictly limit connectivity between production and non-production environments. The design of our VPCs allows services in one network to only communicate with other services in the same environment level - production can only talk to production. Likewise, Production Data is not replicated in non-production environments.
We build our products to best utilize redundancy capabilities, such as availability zones and regions, offered by our cloud service provider. The hosting infrastructure for the Greenlight Guru services spans multiple fault-independent availability zones within geographic regions physically separated from one another.
Each region hosts an equivalent Greenlight Guru service with a distinct network of microservices and data. Access into regional networks and services is only possible from within those same regional networks – e.g. only a service can access another service in that same region. The regional point of service delivery does not have any dependency on other regions and can operate autonomously from each other regions in the event of regional data center failure.
Systems used in the provision and run of all of the Greenlight Guru services log information to their respective system log facilities which forward logs to a centralized log management service in order to analyze an operating environment. We take care to ensure that no PII or PHI enters the centralized logging system.
Greenlight Guru maintains an extensive centralized logging environment in the production environment which contains information pertaining to security, monitoring, availability, access, and other metrics about the Greenlight Guru services. The analysis and monitoring of the log event data generate real-time alerts for our service operation.
Greenlight Guru implements and maintains appropriate industry-standard technical and organizational measures to protect Customer Data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure of or access to Customer’s personal data processed or transmitted through the Greenlight Guru services. The Greenlight Guru services have a number of security controls, including but not limited to:
We have a number of measures to ensure that we keep customer data secure and customers retain maximum control of their data.
We place strict controls over our employees’ access to Customer Data. The operation of the Greenlight Guru services requires that some employees have access to the systems which store and process Customer Data. For example, in order to diagnose a problem you are having with the Greenlight Guru services, we may need to access your Customer Data. These employees are prohibited from using these permissions to view Customer Data unless it is necessary to do so. We have technical controls and audit policies in place to ensure that any access to Customer Data is logged. We do not use Customer Data for any purpose other than providing, maintaining, and improving the Greenlight Guru Services and as otherwise required by applicable law.
The Greenlight Guru services use industry-accepted encryption to protect Customer Data (1) during transmissions between a customer's network and the Greenlight Guru services; and (2) when at rest. The Greenlight Guru services support the latest recommended secure cipher suites and protocols to encrypt all traffic in transit.
Our current standards are:
We monitor the changing cryptographic landscape closely and work promptly to upgrade the service to respond to new cryptographic weaknesses as they are discovered and implement best practices as they evolve. For encryption in transit, we do this while also balancing the need for compatibility with older clients.
Greenlight Guru uses the AWS Key Management Service (KMS) for key management. The encryption, decryption, and key management process is inspected and verified internally by AWS on a regular basis as part of their existing internal validation processes.
While our customers share a common cloud-based infrastructure when using Greenlight Guru Service, we have measures in place to ensure they are logically separated so that the actions of one customer cannot compromise the data or service of other customers. We use a concept we refer to as the “org id” to achieve logical isolation of our customers. The context for each tenant is associated with a unique ID stored centrally.
This ensures that one customer tenant cannot access the data of another tenant – nor for one tenant to affect the service of another tenant through their own actions.
Greenlight Guru will store Customer Data at-rest within certain major geographic areas except as otherwise provided in your Order Form. Greenlight Guru services are currently hosted in the following geographic regions:
Customer Data stays in a single region and does not move between regions.
Protecting Customer Data is a joint responsibility between the Customer and Greenlight Guru. For some of the controls, the Customer cannot configure or disable them; others provide customization of the Greenlight Guru services' security by Customers for their own use.
Service Access Controls are controls that we use internally to protect your data that a Customer cannot configure or disable. At a minimum, Greenlight Guru will align with prevailing industry standards such as ISO 27001 or any successor or superseding standard for managing platform-level access. Greenlight Guru’s Service Access Controls include:
Customer Access Controls are controls that a Customer Administrator can manage on behalf of their individual organization's usage of Greenlight Guru. These controls include:
Greenlight Guru performs backups of Customer Data hosted on AWS’s infrastructure every night. Customer Data backups are retained for at least 35 days. Each backup copy is stored redundantly across multiple availability zones and encrypted in transit and at rest using the Advanced Encryption Standard. Backups are fully tested every 24 hours to confirm that our processes and tools work as expected.
Our backups are for use in a major disaster event that affects all or some of the Greenlight Guru services. We have well-tested backup and restoration procedures that allow recovery from a major disaster.
We do not use these backups to revert customer-initiated destructive changes.
Greenlight Guru ensures all of our staff know how to do their work securely and are empowered to act accordingly.
Product engineering is required to follow security best practices. The product should be "Secure by Design '' and "Secure by Default". Our product and platform engineering teams incorporate the latest security best practices and automate security testing throughout the Greenlight Guru software development lifecycle.
We strive hard to build security into all aspects of our day-to-day operational processes. We want security to be an inherent part of how we do our work.
Where Greenlight Guru engages any third-party suppliers (including contractors and cloud service providers) we are intent on making sure those engagements do not in any way jeopardize our customers or their data.
[End of document]