Security Measures at Grain

Grain isolates production data systems from test and development systems.

Grain utilizes non-routable internal network addresses (RFC1918) and Network Address Translation.

Proxy servers are used to mediate network connections that cross network boundaries.

All devices connecting to the network have an approved build/configuration standard.

Grain continuously monitors and alerts of security logs via AWS GuardDuty and Security Hub controls.

Grain prohibits the use of insecure administrative protocols such as Telnet, SNMPv1.

Grain hosts all infrastructure within Amazon Web Services.

Grain operates anti-virus/anti-malware controls on all applicable devices.

Real-Time Updates are provided in regards to anti-virus, anti-malware, and other signature-based solutions updated with the latest signatures.

All Grain employees sign Privacy + Security Policies, Confidentiality Agreements, NDA and User Agreements.

As of 2022 Grain has 0 known security breaches.

As of 2022 Grain has not been the subject of any investigations or Law Suits.

Designated Privacy contact: Ryan Johnson - Principal Engineer, Gus Bartholomew - Head of Operations

Grain prevents client data from being written to removable media sources.

All Grain users have unique IDs for all systems and applications.

User IDs are prevented from containing content indicating their access level.

Dormant IDs are disabled/deleted after 7 days of service termination / 60 days from all storage backups.

Grain requires minimum length of 16 characters with mixed alphanumeric, multi-factor authorization.

Grain enforces inactivity timeouts to lock applications after a period of time.

Grain operates on a “Lease Access” basis whereby access to any system has to be granted.

Grain routinely reviews access levels which are periodically reviewed by IT and data owners to ensure individual access rights are appropriate based on job information.

Grain maintains a Cyber Insurance policy.