API Security

Validation tools and redundancies to make your information more powerful


API – Security

Storage Redundancy
AvidMobile has multiple servers hosted in a few strategically, geographically dispersed areas throughout the United States. The AvidMobile servers are segregated by functionality and each functional server has redundancies so that one server can go down without an impact to the infrastructure. To further protect and secure the network architecture AvidMobile partnered with one of the world’s largest DDOS protection firms to leverage their globally distributed CDN and DDoS protection so that AvidMobile’s application can withstand even the most malicious of attacks while still operating at peak performance.

Detail Oriented
The AvidMobile application is built on a LAMP stack. The application is divided into an MVC framework developed by AvidMobile in order to provide a modular design and to allow for multiple layers of data validation. The database servers do full backups every night as well as binary logging for every transaction in order to maintain complete data integrity. By following best practice programming standards AvidMobile’s application eliminates vulnerabilities that many other SaaS applications face such as SQL injection, XSS, Remote File Inclusion and Session Hijacking.

Up-to-date Encryption Methods
AvidMobile takes the privacy of its clients very seriously and uses very strict programming standards to secure customer’s data. Sensitive data stored in the AvidMobile database is encrypted using multiple forms of encryption algorithms. All algorithms employed by AvidMobile are open source to ensure that the algorithms are verifiably secure and do not contain backdoors or other means of subversion. All traffic passed to the AvidMobile is transmitted via an SSL connection with a minimum key size of 256 bits. This ensures that any sensitive data transmitted from an end users machine to AvidMobile’s application cannot easily fall victim to packet sniffing or man-in-the-middle attacks.