Virtual Facility uses Google Cloud Platform (GCP) to host our application. We make full use of the security products embedded within the GCP ecosystem (such as Cloud Armor) and additional protections like an Intrusion Detection System. In addition, we deploy our application using containers that run on GCP managed services, meaning we typically do not manage servers, databases, or compute instances in production.
Virtual Facility encrypts data at rest and in transit for all of our customers. We use tools like GCP’s Cloud Key Management to manage encryption keys to ensure maximum security in line with industry best practices.
Virtual Facility regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, running application, and the deployed environment. Virtual Facility also uses GCP container scanning and high-quality static analysis tooling provided by GitHub (such as Dependabot) to secure our product at every step of the development process.