At VTEX, we are committed to following the most effective security practices and measures, ensuring that access is controlled and data is safe and secure. Below, you will find some of our practices and how each one works.
Virtual Access Control
At VTEX, we make sure that each person has access to all the resources they need, while at the same time restricting access to only required resources. Roles and permissions are assigned accordingly.
There is also role-based authorization available in the application so that each tenant has the ability to create their own roles and use them when delegating access to their administrative users.
When transmitted, all data managed and processed by VTEX is encrypted. The data is secured by the most up-to-date technologies, which are also verified by third parties during our certification assessments.
Access to any personal data is controlled with roles and permissions, as mentioned under Virtual Access Control. Every modification of this kind of data is logged.
The VTEX Cloud Commerce platform comprises 70+ services, each of them with its own infrastructure and lifecycle. Every application has its own application servers. Databases are always in a separate infrastructure as well.
In addition, data and processing are segregated at the account level. An Account is the container of any data that belongs to a given tenant. By design, there is no way of accessing data without referring to the containing account.
There is separation beyond the account level, depending on the type of environment: our stable version runs on servers separate from those serving beta versions, which are versions being validated by users. Development environments are also separated from production and beta environments.
Compliance with the standards VTEX is certified against, such as PCI DSS and SOC 2, requires a vulnerability management program to be in place. This is ensured by a combination of internal and third-party penetration testing and vulnerability scanning.
Change management in our organization follows a documented process, as required by certifications such as SOC 2. Deployments to development and production environments are automated and are triggered by reviewed and approved releases from our versioned code repositories. Each microservice has a protected main branch that can only be modified after approval by at least two developers, ensuring that peer review and segregation of duties are built into the process. After that, a webhook is sent and a new environment is automatically created without the need for further commands.
Finally, the developer defines the auto scaling configuration and the number of instances in the new environment, and slowly switches traffic over. This blue-green deployment strategy ensures that any problems are detected with very little production traffic (usually 1%) by observing the system’s metrics, and rollbacks are immediate since the previous environment still exists.
Customer and Network Segregation
The production network is completely isolated from external networks. VTEX employees responsible for operating production environments may occasionally need a VPN connection to access the production network. Customer information is contained by a store account and is isolated from other accounts by VTEX’s proprietary process and storage implementation. No integrated data access method is available that crosses the boundaries of different accounts, even for VTEX internal use. The only way to access data requires explicitly indicating a specific account and going through the proper authentication process.