Fuel50 is secure, reliable and resilient AI cloud-based technology designed for hosting scalable, global enterprise-grade applications and business services. Our global clients trust Fuel50 knowing our infrastructure and systems provide ultimate security and privacy.
Fuel50’s technology features enterprise-grade security, data handling and protection, and is proud to be SOC2 Certified.
Security Functions & Features
Hosting & Compliance
Fuel50’s cloud solution is hosted in a HIPAA compliant, PCI Compliant, SOC2 & ISO 27001 certified data center. For GDPR requirements, Fuel50 offers a European Datacentre in addition to its North American data-center. More regions are available upon request so please contact us if you have unique requirements.
Confidentiality, Integrity & Availability
Fuel50 designs its security based upon the concepts of the C.I.A. Principle of Information Security: Confidentiality, Integrity, and Availability.
Fuel50 follows the principle of “encrypt in transit, encrypt at rest” for all client data. All client data is held in an encrypted database within a Virtual Private Cloud, and all database backups are also encrypted. All data in transit is encrypted via HTTPS.
Fuel50 uses safe delete methods to remove client data upon request by the client. Automated processes can be setup to automatically remove archived data at a frequency desired by the client.
Fuel50 uses a role-based security architecture and requires users of the system to be identified and authenticated prior to the use of any system resources. Resources are protected through the use of native system security and add-on software products that identify and authenticate users and validate access requests against the users’ authorized roles in access control lists.
Fuel50 hosts data in world-class, highly secure data centers which utilize stateof-the art electronic surveillance and multi-factor access control systems. Data centers are staffed 24×7 by trained security guards, and access is authorized strictly on a least privileged basis. Environmental systems are designed to minimize the impact of disruptions to operations.
Vulnerability Scanning & Monitoring
Fuel50 uses a third-party vendor (TPV) to perform security vulnerability assessment and penetration testing services on its infrastructure and software. A variety of technologies, tools, and techniques are employed by the TPV to provide broad coverage against various types of threats. Fuel50 also employs continual scanning and monitoring systems such as HIDS, NIPS and Automated Pen Testing software.
Our software license comes with a ≥99.95% uptime SLA. In order to achieve a high availability system, our infrastructure architecture includes built-in redundancy, with load balancers which are able to detect a server at capacity and automatically switch over to other servers to balance web traffic evenly. Web servers and databases are hosted across multiple availability zones (AZ’s) in what is known as a “Multi AZ” architecture. Each AZ has its own power grid and is in its own earthquake and flood plain area, giving a level of geographic isolation in the case of an adverse event.
Customer data is managed, processed, and stored in accordance with the relevant data protection and other regulations, with specific requirements formally established in customer contracts. This data is managed and stored in a secure database instance.
Confidentiality & Privacy
Fuel50 goes to great lengths to ensure the confidentiality and privacy of its customers. We have extended documentation which outlines in greater depth how our security infrastructure is managed, as well as data handling and privacy measures.
Data Handling & Management
Fuel50 provides the following means for your teams to monitor the quality of their data and resolve any issues with simple data transfer:
- A daily report is automatically sent via email to your data management team upon each run of the data. This contains information on any records which failed to update and the reason why they failed (e.g. missing data/bad format).
- A data quality report can be viewed by users with escalated privileges (e.g. your data management team). This enables data managers to quickly identify where the biggest gaps in the data are. Examples: Users with no manager set, Users with no current-role set, etc.
- Client Data Managers can re-load the most recent files from the data management control panel.