The security objective is to design, maintain and operate the PlatinumDEX platform & SAAS to the highest possible standards.
This is not a “build it now and add security later” proposition.
The security team at PlatinumDEX are I.T. & physical security veterans with 100’s of years of combined experience across many relevant disciplines with stellar track records in advising and delivering successfully to the world’s largest financial institutions and western governments. The team fully recognize the absolute importance and necessity of delivering a turnkey highly secure platform from day one.
By comparison Standard Service Level Agreements (S.L.A.’s) as afforded by Public Cloud providers such Amazon AWS, Google, Microsoft, Azure etc. are often inappropriate or inadequate in the context of Fintech and elevated risk management.
Control of the PlatinumDEX platform, physical and logical security will not be ceded to third parties. The design principals employ rigorous physical and digital security mechanisms, including innovative use of blockchain technology, negating insider threat.
PlatinumDEX, taking a holistic approach has been designed with Logical & Physical security from the get go. PlatinumDEX, through the provision of its own proprietary technologies, a mix of fully hardened opensource and proprietary Operating Systems, and PlatinumDEX’s own design Hardened Servers, will ensure secure storage and transmission of data across all digital communications to and from the platform, while connected and while disconnected*. Customers will be advised with full tutorials on how to engage with PlatinumDEX secure platform easily and fully, utilising end to end encryption and encryption at rest. A multiplicity of ‘challenge and response’ technologies that utilize A.I, machine-learning and pattern matching is built into the platform.
The PlatinumDEX architects have designed a truly unique security focused infrastructure using a mix of proven proprietary weapons grade security solutions (that have never been widely commercially available) and prevalent known good security mechanisms. There will be no single point of failure. Security is designed to enable the smooth flow of transactions and maintain high availability with full Redundancy, Disaster Recovery and Back Up with world class Business Continuity Planning (BCP). The process and governance relating to Change control is an area of significance and to that end carbon neutral Blockchain technology will be utilised, also in a holistic and proprietary manner.
This will include addressing the external hacker threat as well the potential for insider malfeasance. The intellectual property to maintain a robust approach taken in multi-layer defence stack is clearly commercially sensitive, so no details will be published nor of the security team. Third party auditors will be in receipt of a Secure Operations Center real time feed, explaining for the record in Blockchain any necessary logical or physical change, the rationale, sign off and the authorised persons involved. The “Gold Image” because of design is not expected to change except through addition of features or fully tested and critical updates. The current security system design would not be affected by Meltdown nor Sceptre vulnerabilities and is highly resilient to zero-day vulnerability update requirements.
*Where utilizing nodes & Endpoint Devices supplied by PlatinumDEX