At MoneyForward i, we take security & compliance seriously and know how important it is in today’s increasingly globalized and digitalized world of SaaS applications. Our customers’ security concerns are of paramount importance to us, which is why we ensure that your data in Admina by MoneyForward (Admina) is protected locally and on our servers through our strict security protocols. We follow the industry standard in security & compliance and are constantly applying better protocols to protect you and your data.
MoneyForward i adheres to industry and international standards in cybersecurity protocol.
All user credentials used for integration with SaaS services are encrypted using AES-256 (Advanced Encryption Standard) encryption before getting saved to our database. Credentials for each integration and each organization in our system are encrypted using different encryption keys. The keys are managed by Amazon Web Services Key Management Service (AWS KMS), which has its own hardware-level safety measures to protect encryption keys. We went a step further to isolate the credential database from the rest of the application database, allowing for stricter security control.
Admina is built with front-end and back-end API separately. API access is restricted through member and admin scopes; the organization administrators can customize permissions for every account registered in Admina. After a user requests access to the API server, the server will ensure that the authenticated user has the proper scope to invoke the API and grant them access. Only users with admin-level permission are allowed access to the settings and other administrative functions, such as payments.
All SaaS app connections and deprovisioning actions are recorded in the system for auditing purposes. Audit logs for the last three months are stored in the Admina database, which users can freely access through the application.
Admina utilizes SAML authentication to allow for the implementation of Single Sign-On (SSO) so that customers can set their own access rules, such as multi-factor authentication (MFA).
Admina uses AWS to manage all infrastructure resources, including the compute layer, database, and messaging service. Amazon maintains and demonstrates SSAE-16 SOC 1, 2, and 3; ISO 27001; and FedRAMP/FISMA reports and certifications. Our platform’s infrastructure is located on servers in secure data centers.
The Admina infrastructure is split between the web system and the system that keeps user-sensitive data for stricter control. We allow for no inbound public access to the latter.
All data sent to or from Admina is encrypted using TLS, and all customer data is encrypted at rest by AWS Aurora and AWS DynamoDB.
The Admina infrastructure is designed to be fault-tolerant. All databases operate in cluster configurations, with auto-scaling when applicable. This provides additional redundancy and resiliency to customer data.
Access to all Admina systems is managed through our identity provider Azure AD, which automates user provisioning, enforces two-factor authentication (2FA), and logs all activity. Only limited members have access to the production environment.
Since we’re very serious about security, we’re also currently in the auditing process to obtain SOC 2 certification. If you have any security concerns, please reach out to our team at [[email protected]] so that we can address them promptly.
© 2023 Moneyforward i, Inc.