We recognize that our clients entrust us with sensitive operational and possibly healthcare-related information, so protecting that data is critical. Packem is hosted on Amazon Web Services (AWS) and leverages HIPAA-compliant AWS services to ensure all data is handled securely and in accordance with industry regulations.
Secure AWS Cloud Infrastructure: Packem is hosted on Amazon Web Services (AWS), which means our platform benefits from AWS’s extensive security investments. AWS data centers and services are certified for high security standards and compliance frameworks. In particular, AWS offers a HIPAA-eligible environment for handling protected health information – PackemWMS uses only HIPAA-compliant AWS services under an executed Business Associate Agreement (BAA) to meet rigorous healthcare data protection requirements. This cloud foundation ensures that our system’s underlying hardware, network, and facilities adhere to strict security and privacy controls.
AWS Built-in Protections: By running on AWS, Packem inherits a suite of industry-leading security features. For example, AWS’s network firewalls (such as Security Groups and NACLs) and Virtual Private Cloud isolation help lock down our environment, allowing access only to authorized traffic. AWS provides robust DDoS (Distributed Denial of Service) protection at the network edge to guard against large-scale attacks, as well as tools like AWS Shield and AWS WAF to filter out malicious traffic. In addition, AWS has automated monitoring and logging services (like Amazon CloudWatch and AWS CloudTrail) that we utilize to continuously oversee the health and security of our environment. These services can automatically alert our engineers to unusual activities or potential issues, enabling quick response.
Encryption at Rest: All customer data managed by Packem is encrypted at rest to protect its confidentiality. Our primary databases run on Amazon RDS, where the storage volumes are encrypted using strong AES-256 encryption. This means that the data residing in our databases (including any automated backups, read replicas, and snapshots) is scrambled using a 256-bit key, making it unreadable to anyone without the proper decryption keys. Even if an unauthorized person were to gain access to the physical disks or backup files, the encrypted data would be useless to them. PackemWMS relies on AWS Key Management Service (KMS) to manage encryption keys securely, adding an extra layer of control.
Encryption in Transit: Data in transit between clients and PackemWMS is equally protected. We enforce Transport Layer Security (TLS) encryption (the successor to SSL) for all communications. Whether you are accessing the Packem web interface, calling our APIs, or transferring data between Packem and other systems, the information is sent over HTTPS with TLS. This ensures that sensitive data (such as login credentials, inventory data, or any transaction details) cannot be intercepted or read by eavesdroppers while it travels over the internet. By using the latest TLS protocols and strong cipher suites, Packem defends against man-in-the-middle attacks and guarantees the integrity and confidentiality of data during transfer. In summary, from the moment data is stored in our databases to the moment it is transmitted to authorized users, it remains encrypted and secure.
PackemWMS doesn’t rely solely on built-in safeguards – we actively audit and test our security on a regular basis. In fact, we undergo periodic security audits in collaboration with Microsoft. By partnering with Microsoft’s security experts, we benefit from an external, seasoned perspective on our platform’s security posture. During these audits, our entire system is examined for potential vulnerabilities, misconfigurations, or gaps in compliance. The audit process can include code reviews, configuration inspections, and infrastructure assessments that align with best practices recommended by both AWS and Microsoft’s security frameworks.
Findings from these audits are taken seriously: if any potential vulnerability is identified, it is promptly addressed with remediation steps or improvements to our policies. In addition to formal audits, PackemWMS also performs routine vulnerability assessments and penetration testing.
These tests simulate real-world attacks on our application and infrastructure to ensure we can withstand them. The combined efforts of internal testing and external audits (with Microsoft’s involvement) give our clients confidence that PackemWMS’s security is continuously being validated and strengthened.
Disaster recovery is a critical component of PackemWMS’s overall security and reliability strategy. We have designed our system with the assumption that unexpected incidents can happen, and we plan accordingly to minimize any impact on our clients’ operations. Here are some key elements of our disaster recovery and backup practices:
Protecting production data at the access level is under Packem’s security practices. We implement strict controls to ensure that only the right people can get to sensitive information, and even then, that their access is limited and monitored. Our approach to access security includes the following: