Privacy Policy


Data Usage 4.1

PII is essential for the operation of our application. For Order Fulfillment: Customer names, addresses, and contact information are critical for processing and fulfilling orders. This includes shipping products, providing delivery updates, and handling customer inquiries and support. Many of our orders are shipped with freight carriers.

We are committed to adhering to Amazon's policies regarding PII. We use PII solely for purposes that are compliant with Amazon's guidelines, such as fulfilling orders or adhering to legal, tax, and regulatory obligations.

We implement safeguards, including encryption, access controls, and other relevant security protocols, to ensure the secure handling and storage of PII. We understand the responsibility that comes with handling PII and we have robust systems in place to protect it.

We maintain clear documentation regarding the use of PII and ensure transparency with authorized users.

Access Management 1.2 and Least Privilege Principle 1.3

In compliance with Amazon SP-API's requirements, our organization has established a rigorous access management system that aligns with the principles of unique identification and least privilege.

Unique Identification: Each employee within our organization is assigned a unique user ID that correlates with their specific role and access needs. This ensures that every interaction with Amazon's information can be traced to an individual, eliminating the risks associated with generic or shared accounts.

Need-to-Know Basis: Access to Amazon's information is strictly governed on a need-to-know basis. Employees are only granted access to the specific data necessary for their job functions. This policy is enforced through role-based access control mechanisms, ensuring that each employee's access rights are aligned with their job responsibilities and nothing more.

Prohibition of Information Storage on Personal Devices: Our security protocols explicitly forbid the storage of Amazon's information on personal devices. All interactions with sensitive data are confined to our secure, monitored, and controlled IT environment.

Account Lockout and Anomalous Usage Detection: We have implemented robust systems for detecting anomalous login attempts and usage patterns. Accounts displaying unusual activity are automatically locked, and investigations are promptly conducted to assess any potential security breaches.

Quarterly Review of Access: In adherence to Amazon's guidelines, we conduct a thorough review of all individuals and services with access to Amazon's information on a quarterly basis. This regular audit ensures that only current employees have access and that their access levels are still appropriate.

Immediate Access Revocation for Terminated Employees: Access rights for any terminated employee are revoked within 24 hours of their departure. This process is automated to eliminate delays and potential oversight.

Implementation of the Least Privilege Principle: Our access control mechanisms are designed to enable fine-grained access control, strictly adhering to the least privilege principle. This approach minimizes the risk of unauthorized access, ensuring that rights are granted only to the extent necessary for specific tasks associated with the application and its operators.

Asset Management 2.3

Our organization has implemented a comprehensive set of controls and policies. We maintain a strict baseline standard configuration for all our information systems, ensuring they are updated and audited quarterly. This includes a detailed inventory of all software and physical assets that have access to PII.

To specifically address the concern of preventing access from personal devices such as USB flash drives and cellphones, we have enforced a clear 'No External Device' policy. This prohibits the use of any personal removable media on company devices and in company premises. Our IT infrastructure includes Data Loss Prevention (DLP) controls that actively monitor and prevent the transfer of sensitive data to unauthorized devices or external services. These DLP controls are configured to detect and block any attempt to copy or move PII or Amazon Information to unsecured devices or platforms.

In addition, our network security systems are equipped with intrusion detection capabilities that alert our security team in real-time in the event of any unauthorized access attempts or policy violations. These alerts are managed through a centralized security incident management system, ensuring rapid response and resolution.

We also mandate that all PII stored digitally, whether on our servers or in transit, is encrypted using industry-standard encryption methods such as AES-128 or RSA with 2048-bit keys. Our policy explicitly forbids the storage of PII on removable media, personal devices, or unsecured public cloud applications.

Please note that we do not use any physical document management system containing PII.

Regular training and awareness programs are conducted to ensure all employees are fully aware of these policies and the importance of protecting sensitive information. Compliance with these policies is mandatory for all staff, and violations are subject to disciplinary action.

Our proactive approach in asset management and data security ensures the highest level of protection for Amazon Information, fully aligning with the requirements set forth in your policy.

Data Governance 2.2

We take data governance and the protection of personally identifiable information (PII) very seriously. Our broad privacy and data handling policies are designed to meet and exceed industry standards and regulatory requirements. Below is an overview of our practices:

Data Collection: We collect data in a transparent manner, ensuring all necessary consents are obtained.

Data Processing: Data is processed only for legitimate purposes directly related to our services. Processing activities are closely monitored and recorded.

Data Storage: All data is securely stored using encrypted databases and is accessible only by authorized personnel.

Data Usage: The use of data is strictly limited to providing and improving our services. We do not use data for any unauthorized purposes.

Data Sharing: We share data only as necessary, for example with partners or as required by law. All sharing is governed by strict confidentiality agreements.

Data Disposal: We have a clear policy for data disposal, ensuring data is irreversibly destroyed when no longer needed.

Compliance with Laws and Regulations: We regularly review and update our practices to ensure compliance with all relevant privacy and security laws and regulations.

Customer Consent and Data Rights: We adhere to a stringent privacy policy that respects customer consent and data rights, including access, rectification, erasure, and the right to stop sharing/processing information.

Technical and Organizational Measures: We have implemented robust technical and organizational processes to assist users with data subject access requests.

Employee Confidentiality Agreements: All employees who handle PII are bound by contractual confidentiality provisions to ensure the ongoing protection of this data.

Encryption at Rest 2.4

We prioritize the security and confidentiality of all data, particularly PII. In compliance with Amazon's SP-API requirements, here are the details of our data storage and encryption practices:

Data Storage Location: Amazon Information is stored securely. We ensure that our storage solutions are compliant with industry-standard security certifications and regulations.

Encryption Algorithm Used: All PII at rest is encrypted using the Advanced Encryption Standard (AES) with a 128-bit key. This encryption level ensures the confidentiality and integrity of the data.

Management of Cryptographic Materials: The cryptographic materials, such as encryption and decryption keys, are managed and safeguarded rigorously. These materials are accessible only to our authorized processes and services. We employ Hardware Security Modules (HSMs) to ensure the highest levels of security and control.

Cryptographic Capabilities: Our system incorporates virtual Trusted Platform Modules which are dedicated to the encryption and decryption of PII at rest. These capabilities are integral to our security infrastructure and are strictly confined to our authorized processes.

We continuously monitor and update our security measures to adhere to the best practices and compliance requirements in data protection and encryption.

Logging and Monitoring 2.6

Our organization employs a strong approach to monitor, detect, and log malicious activity in our applications, ensuring compliance with Amazon's SP-API requirements. We utilize a state-of-the-art Security Information and Event Management (SIEM) tool that facilitates real-time analysis of security alerts generated by applications and network hardware. This tool is configured to monitor all channels, including service APIs, storage-layer APIs, and administrative dashboards.

For logging, we capture detailed information such as the nature of the event (success or failure), date and time, access attempts, data changes, and system errors. These logs are stored securely, with stringent access controls in place to prevent unauthorized access and tampering. We are mindful of the sensitivity of PII; accordingly, our logs contain PII only when necessary to meet legal requirements, such as tax or regulatory obligations.

We retain our logs for a minimum of 90 days to facilitate reference in case of a security incident. Our system is configured to detect anomalies such as multiple unauthorized calls, unexpected request rates, high data retrieval volumes, and access to canary data records. We have set up monitoring alarms and processes to immediately flag any instance where information is extracted from, or found beyond, its protected boundaries.

In the event of an alarm trigger, our team undertakes a thorough investigation as part of our Incident Response Plan. This plan is documented and periodically reviewed to incorporate evolving best practices and comply with legal requirements. Our commitment to security is unwavering, and we continually assess and enhance our security measures to safeguard the integrity of our applications and the data they handle.

Risk Management and Incident Response Plan 1.6

Our organization has an extensive Incident Response Plan (IRP) in place, designed to effectively handle database hacks, unauthorized access, and data leaks. This plan is a critical component of our overall risk management strategy and is reviewed annually by senior management. Key steps in our IRP include:

Identification and Assessment: We utilize advanced monitoring tools to detect anomalies indicative of security incidents such as unauthorized access or data breaches. Upon detection, our incident response team assesses the severity and potential impact of the incident.

Containment: Immediate actions are taken to contain the incident. This includes isolating affected systems to prevent further unauthorized access and limiting the scope of data compromise.

Eradication and Recovery: Our team identifies the root cause of the incident and takes steps to eliminate it. This is followed by a recovery process to restore any impacted services to full functionality while ensuring system integrity.

Notification and Escalation: In line with Amazon's guidelines, we notify Amazon via email at 3p-security@amazon.com within 24 hours of detecting a security incident. We also have an escalation path in place for internal and external stakeholders, including relevant government or regulatory agencies as required by local laws.

Investigation and Documentation: Each incident is thoroughly investigated to understand its nature and scope. We document all findings, including a detailed incident description, remediation actions taken, and corrective process/system controls implemented to prevent future occurrences.

Review and Verification: Our IRP is reviewed and verified every six months and after any major infrastructure or system change. This ensures that our response strategies remain effective and up-to-date with current threat landscapes.

Evidence Preservation: We maintain the chain of custody for all evidence or records collected during the incident response. This documentation is available to Amazon upon request.

Communication: In the event of a security incident, we refrain from representing or speaking on behalf of Amazon to any regulatory authority or customers unless specifically requested by Amazon in writing.

Our IRP is not only a commitment to safeguarding our systems and data but also an assurance of our dedication to maintaining the highest standards of security in collaboration with partners like Amazon.

Credential Management 1.4

Our organization has implemented a robust incident response plan to handle potential database hacks, unauthorized access, and data leaks. This plan includes several key steps:

Immediate Identification and Isolation: Upon detection of any suspicious activity, our IT team promptly identifies and isolates the affected systems to prevent further unauthorized access or data leakage.

Credential Reset and Access Review: We enforce an immediate reset of credentials, adhering to Amazon's stringent password requirements of a minimum of twelve characters, a mix of upper- and lower-case letters, numbers, and special characters, and MFA for all user accounts. We also review all access permissions to ensure only necessary personnel have access to sensitive information, including API keys.

Encryption and Security of API Keys: In line with Amazon's requirements, we ensure all API keys provided by Amazon are encrypted. Access to these keys is strictly controlled and limited to essential employees only.

Investigation and Analysis: Our security team conducts a thorough investigation to understand the nature and extent of the incident. This involves analyzing how the breach occurred and the type of data accessed, and implementing measures to prevent similar incidents.

Notification and Reporting: We adhere to legal and regulatory requirements regarding breach notification. Relevant stakeholders, including users and regulatory bodies, are informed as required.

Remediation and Recovery: We implement measures to secure our systems, such as patching vulnerabilities and enhancing firewall protections. Affected systems are restored and monitored for any further anomalies.

Review and Update of Security Policies: Post-incident, we conduct a comprehensive review of our security policies and procedures. This includes updating our incident response plan to reflect lessons learned from the incident.

Ongoing Training and Awareness: We conduct regular training for our staff to ensure they are aware of best practices in data security and understand the importance of protecting user information and complying with Amazon's standards.

Secure Coding Practices 2.5

In accordance with secure coding practices, our approach to protecting PII during testing involves a combination of strategies. Firstly, we maintain separate environments for testing and production, ensuring that any PII used in testing is not mixed with real user data. For testing purposes, we use either anonymized data or synthetic data that mimics real user data but does not contain actual PII. Additionally, we employ robust access controls and encryption to safeguard any data used during testing.

We ensure that sensitive credentials, such as encryption keys, secret access keys, or passwords, are not hardcoded in our code. Instead, these credentials are managed securely using environment variables and secret management tools. Our team follows a strict code review process to ensure that no sensitive credentials are exposed in public code repositories.

Moreover, we conduct regular security audits and vulnerability assessments to strengthen our security posture further. By implementing these measures, we adhere to industry best practices for PII protection, ensuring that any personal data is handled securely and responsibly during our development and testing processes.

Vulnerability Management 2.7

Our approach to tracking remediation progress of findings from vulnerability scans and penetration tests involves a comprehensive and systematic process. Upon completion of each vulnerability scan and penetration test, findings are documented in a centralized tracking system. This system categorizes each finding based on severity, impact, and complexity of remediation. Fixing a vulnerability takes us a few hours at most.

For each identified vulnerability, we assign a responsible team or individual to oversee the remediation process. We establish clear timelines for addressing each finding, prioritizing based on severity and potential impact on data security, especially PII. Regular updates on the remediation progress are required, and these are logged in the tracking system, ensuring continuous monitoring and accountability.

In addition to immediate remediation efforts, our process includes a review stage where the effectiveness of the remediation is evaluated. This is done through follow-up scans and tests to ensure vulnerabilities are fully resolved. We maintain detailed records of all actions taken, from initial detection to final resolution, for audit and compliance purposes.

To ensure we adhere to best practices and compliance requirements, we conduct vulnerability scanning at least every 180 days and penetration testing every 365 days, alongside scanning code for vulnerabilities prior to each release. Changes to storage hardware are rigorously tested, verified, approved, and access to these actions is strictly controlled. In the event of a physical or technical incident, our robust procedures and plans are designed to restore availability and access to PII in a timely and secure manner.

Updated: June 27, 2024