“Mobile app security is the highest priority at Modo. We consider our customer's security to be a cornerstone of our platform, so that they can depend on our software to transform their digital workplace or campus by implementing powerful mobile app solutions, while protecting their organization’s information assets and user privacy with advanced security technology.” - Andrew Yu, CTO

How Modo Secures Your App

Hosting

Where your workplace or campus app is hosted and how it’s being monitored is a critical priority. From premier global cloud hosting to security monitoring, our platform is prepared to protect your data.

  • Fast Service

    Modo provides the option of globally deploying in multiple AWS data centers worldwide so your users can get the fastest service no matter where they are in their travels.

  • Service Monitoring

    Modo utilizes a variety of monitoring services both from inside and outside of our cloud, continuously checking our quality of service including connectivity and resource levels.

  • HTTPS Usage

    All communications utilize HTTPS, both internally between Modo cloud services and externally.

  • Data Encryption

    All data on Modo’s cloud is encrypted when at rest with AES-256.

  • TLS Support

    Modo only supports TLS and does not support connections utilizing the deprecated and vulnerable versions of SSLv2/v3.

  • Redundant Backups

    Modo utilizes redundant services housed in multiple AWS Availability Zones for truly redundant data center availability.

  • Security Monitoring

    All configurations are managed through change management processes and intrusion detection systems are utilized to report on any unauthorized changes to our systems.

  • Scheduled Scans

    Modo’s hosting environment is regularly scanned for vulnerabilities by industry leading tools.

Additional Modo hosting and SLA details are available by contacting sales.

Hosting

Where your workplace or campus app is hosted and how it’s being monitored is a critical priority. From premier global cloud hosting to security monitoring, our platform is prepared to protect your data.

Fast Service

Modo provides the option of globally deploying in multiple AWS data centers worldwide so your users can get the fastest service no matter where they are in their travels.

Service Monitoring

Modo utilizes a variety of monitoring services both from inside and outside of our cloud, continuously checking our quality of service including connectivity and resource levels.

HTTPS Usage

All communications utilize HTTPS, both internally between Modo cloud services and externally.

Data Encryption

All data on Modo’s cloud is encrypted when at rest with AES-256.

TLS Support

Modo only supports TLS and does not support connections utilizing the deprecated and vulnerable versions of SSLv2/v3.

Redundant Backups

Modo utilizes redundant services housed in multiple AWS Availability Zones for truly redundant data center availability.

Security Monitoring

All configurations are managed through change management processes and intrusion detection systems are utilized to report on any unauthorized changes to our systems.

Scheduled Scans

Modo’s hosting environment is regularly scanned for vulnerabilities by industry leading tools.

Additional Modo hosting and SLA details are available by contacting sales.

Access

Entrusting Modo with your data means having confidence in the way we handle access to your data. We follow best practices in deploying controls, both with technology and processes, to enforce and limit secure least privilege access to systems and data.

  • Limited

    Only limited members of Modo’s operations teams have access to systems in Modo’s cloud environment.

  • Private

    Modo's hosting environment utilizes AWS Virtual Private Cloud (VPC). All platform hosts are located in internal private subnets inaccessible from the Internet.

  • Restricted

    All access to Modo servers is restricted to the proper hosts and ports by access rules, according to principles of least privilege.

Access

Entrusting Modo with your data means having confidence in the way we handle access to your data. We follow best practices in deploying controls, both with technology and processes, to enforce and limit secure least privilege access to systems and data.

Limited

Only limited members of Modo’s operations teams have access to systems in Modo’s cloud environment.

Private

Modo's hosting environment utilizes AWS Virtual Private Cloud (VPC). All platform hosts are located in internal private subnets inaccessible from the Internet.

Restricted

All access to Modo servers is restricted to the proper hosts and ports by access rules, according to principles of least privilege.

Application

Beyond hosting and access touchpoints, your app must have its own layer of protection. Our platform incorporates numerous methods to secure every component of your app from a variety of attacks and unauthorized access.

  • Monitored

    The Modo app is regularly scanned for vulnerabilities by industry leading tools and any issues identified are immediately addressed before release.

  • Protected

    The Modo platform has been designed to protect against OWASP common vulnerabilities.

  • Checked

    A separate testing environment is provided for checking your changes before deploying the changes to your live Modo app.

  • Role-Based

    Administrative accounts support a wide variety of role-based access, allowing you to provide fine-grained access to just specific parts of the Modo app.

  • Controlled

    Configure session times for both administrative logins and the end-user app separately to better meet your organization’s policies.

  • Testable

    Customers may perform vulnerability tests upon request.

Application

Beyond hosting and access touchpoints, your app must have its own layer of protection. Our platform incorporates numerous methods to secure every component of your app from a variety of attacks and unauthorized access.

Monitored

The Modo app is regularly scanned for vulnerabilities by industry leading tools and any issues identified are immediately addressed before release.

Protected

The Modo platform has been designed to protect against OWASP common vulnerabilities.

Checked

A separate testing environment is provided for checking your changes before deploying the changes to your live Modo app.

Role-Based

Administrative accounts support a wide variety of role-based access, allowing you to provide fine-grained access to just specific parts of the Modo app.

Controlled

Configure session times for both administrative logins and the end-user app separately to better meet your organization’s policies.

Testable

Customers may perform vulnerability tests upon request.

Accounts

Utilize your own authentication system to enforce who can access your app. Securely connect your own systems to Modo APIs and extend the functionality of your app.

  • Identity Provider

    The Modo app is able to use your Identity Provider through multiple protocols including SAML (including ADFS’ WebSSO), LDAP, Active Directory, OpenID Connect, and many others.

  • Passwords

    Customer administrative accounts, used to manage your Modo app instance, store their passwords utilizing today's industry best practice of one-way hash using the bcrypt algorithm with a unique salt.

  • Secure APIs

    Modo APIs, designed to be accessed from external applications systems, only allow HTTPS connections and unique authorization tokens to ensure access to only a specific service.

Accounts

Utilize your own authentication system to enforce who can access your app. Securely connect your own systems to Modo APIs and extend the functionality of your app.

Identity Provider

The Modo app is able to use your Identity Provider through multiple protocols including SAML (including ADFS’ WebSSO), LDAP, Active Directory, OpenID Connect, and many others.

Passwords

Customer administrative accounts, used to manage your Modo app instance, store their passwords utilizing today's industry best practice of one-way hash using the bcrypt algorithm with a unique salt.

Secure APIs

Modo APIs, designed to be accessed from external applications systems, only allow HTTPS connections and unique authorization tokens to ensure access to only a specific service.

Company

Your company can depend on our platform to keep data secure, allowing you to focus on enhancing user experience. Our company ensures we have the right people and processes in place to gain and maintain this trust.

  • Background Checks

    All employees must undergo a background check and are subject to an acceptable use policy.

  • Reporting

    Security incidents are reported 24/7/365.

  • Surveillance

    Our offices have 24/7/365 surveillance.

Company

Your company can depend on our platform to keep data secure, allowing you to focus on enhancing user experience. Our company ensures we have the right people and processes in place to gain and maintain this trust.

Background Checks

All employees must undergo a background check and are subject to an acceptable use policy.

Reporting

Security incidents are reported 24/7/365.

Surveillance

Our offices have 24/7/365 surveillance.

The only way to believe what our platform can do is to see it in action.

Webinar: Student Success is a Community Effort, with University of Central Florida

Register Today