Security Practices

Physical Access Control

The environment that hosts the VTEX services maintains multiple certifications for its data centers, including ISO 27001 compliance, FedRAMP authorization, PCI Certification, and SOC reports. Those certifications are granted only when the physical access controls they require are in place. For more information about AWS certification and compliance, please visit the AWS Security website and AWS Compliance website.

Admission Control

Access logging is available at both the application level and the infrastructure level, the latter as provided by AWS. A minimum password complexity is enforced, and two-factor authentication is required to perform administrative tasks, at both the application and infrastructure levels. All passwords are stored encrypted, as is any sensitive data.

Virtual Access Control

At VTEX we implement the means to make sure that each person has access to all the resources they need, and only to those resources. Roles are defined, permissions are granted to those roles to reflect those needs, and the roles are assigned accordingly.

There is also role-based authorization available in the application, so that each tenant has the ability to create their own roles and use them when delegating access to their administrative users.

Transmission Control

All data managed and processed by VTEX is encrypted when transmitted. Web pages, including their forms, are served only through HTTPS channels, and so is our API. Those channels are secured by the most up-to-date protocols, and this is also verified by third parties during our certification assessments.

Access to the production environment's infrastructure, when necessary for operational purposes, is possible only through a VPN.

Input Control

Access to any personal data is controlled according to the roles and permissions described under Virtual Access Control. All modifying actions on this kind of data are logged. All logs in VTEX are centralized and may be used for auditing.

Assignment Control

VTEX's personnel admission includes personal screening to the extent permitted by the governing law. Our employment contract also includes a statement binding employees to the understanding that all data owned by our tenants is considered confidential and must be treated as such. Audit trails are also available to let VTEX enforce those obligations.

Availability Control

Besides leveraging all of the physical availability features provided by AWS as part of their service, VTEX also implements all the best practices AWS suggests to make sure that our solution is as available as it can be. All our services are deployed to a multi-AZ environment, and our Disaster Recovery Plan includes the existence of a failsafe AWS region.

We are also part of the AWS Well-Architected program, through which we constantly verify our architecture and practices in the use of AWS's resources together with an AWS specialist, to make sure that our solution is in the best condition for availability and scalability.

Separation Control

The VTEX Cloud Commerce platform comprises 70+ services, each with its own infrastructure and lifecycle. Every application has its own application servers, and databases always run on separate infrastructure as well.

Data and processing are also segregated at the account level. An Account is the container of any data that belongs to a given tenant. By design, there is no way of accessing data without referring to the containing account.

There is separation not only at the account level, but also by type of environment: our stable version runs on servers different from those serving beta versions, which are the candidates being validated by users. Development environments are also separated from production and beta environments.