Our Custom Software Development Services
This is how we do it
CLOUD COMPUTING VIA AWS
Amazon Web Services (AWS) is the world’s leading cloud platform with loads of exciting features to help a business launch and grow. It is also our choice of technology for cloud computing. We can help upgrade and move existing databases to the Cloud with minimal hassle, easing the transition by handling all the legwork.
Unimedia Technology’s offer goes beyond regular cloud engineering. The expertise of our AWS-certified solutions architects assures your company constant, scalable, secure, and flawless software development, achieved through accurate care and monitoring of every little detail.
We provide bespoke, creative and effective solutions to meet our clients’ needs. Fluent in a wide gamut of technologies, we are able to support your projects from start to finish by delivering a complete end-to-end product or service as required.
We are experienced in building customised applications for device providers. We will develop, deploy and manage, keeping the process simple for you.
We are experts in AWS
We are especially good at scalable AWS based systems, from Front end SPAs in Angular, React; Cross platform mobile in Xamarin, Ionic, to backends with Docker, Serverless, Lambdas, Node, Python and Java.
We provide high quality App, Web and full system architecture and development, always via the best practices and with security as the backbone of every single project we do.
Our guarantees assure a smooth journey to the Cloud.
Bespoke Software Development Company UK
Amazon Web Services
Data Security is the backbone of all Unimedia Technology projects
From front to back, the following security systems apply:
1. User Login Credentials
Access to the portal based in User name and password. AWS Cognito service protects and validates credentials. Passwords are encrypted and protected by AWS Cognito, never readable directly. The password recovery mechanism in case the user forgets, uses links and temp passwords, it will never send the original credentials back to the user by email. Cognito also offers Multi factor authentication.
2. Server Verified
We use a Server Certificate to validate the authenticity of the domain / portal the users are on. The user’s browser will display the lock to inform they are in a trusted secure site.
3. TLS Encrypted
All the data exchanges between the browser and the servers is done over Transport Layer Security (TLS), which does a key exchange via a secure handshake process and uses this key for async encryption of all the data interchange.
4. AWS Datacenter Security
AWS is responsible for part of the security of their cloud, which includes all the physical and environmental controls, and
Unimedia Technology is responsible for the security in the application and platform layer.
Here we leverage AWS ’s security muscle, which is rigorously applied to their Datacentres.
Amongst the several standards, AWS adopts Centre for Internet Security (CIS), which includes CIS-CAT-Pro, CIS Benchmark and CIS Controls, all built into AWS Security Hub, in addition to the AWS NIST compliance.
5. Web Application Firewall (WAF)
At this point, the AWS Firewall inspects the incoming requests for common threads and only allows those from the internet to the SSL port 443.
The Load balancer then distributes the load across the active servers and spawns new servers if there is a peak of traffic, using an autoscaling policy.
6. Server Firewall
The server instances have a firewall that will only accept incoming network traffic from the Load balancer on a specific network port.
7. Security Updates
The Application server instances are maintained to contain the latest security patches. Inside the servers, security modules run like ModSecurity from Apache which looks for common threads.
Access to these servers by the team staff is tightly controlled by AWS IAM (Ident and Access Management).
At application tier, controls based on JWT tokens validate which users can access which APIs.
8. Database Tier Firewall
The database servers are behind a firewall that only accepts incoming traffic originated from the Application Servers on a specific port.
9. Secure Subnet
The database servers are physically located in a different subnet from the Application servers, and this subnet has no external internet access.
It is a network security architecture sometimes referred as DMZ or Perimeter network, a layer of protection for private resources from intrusion.
10. Disk Encryption
The database servers encrypt all the data at rest using AES 256 encryption algorithm.