Cronofy holds data in line with the Cronofy Data Management policy.
This page describes in more detail how Cronofy uses cloud service as part of that.
Data centers #
- AWS is responsible for the security of the cloud
- Cronofy is responsible for the security in the cloud
Cronofy uses AWS inline with AWS’s Well-Architected framework with all changes made via version-controlled processes.
Environment segregation #
All environments run within their own AWS account to ensure strict boundaries are in place beyond running within their own Virtual Private Cloud (VPC).
Employees authenticate with a central AWS account before assuming a delegated role in other AWS accounts.
Each environment operates as an entirely separate instance, with no personally identifiable information (PII) flowing between them.
Environment resilience #
All environments leverage three Availability Zones in the region they operate within. This ensures resiliency in the face of power outages and such like within an individual zone.
Managed AWS services used by Cronofy are also configured to run across multiple Availability Zones.