One of the questions we get asked often is "How do I know that my data is secure?"
As you might imagine, the answer has multiple levels of complexity, so we thought it best to break things down in an article.
Installation
Prior to Report Toaster being allowed in the Shopify app store, we were subjected to a rigorous app review process. During the review process, we were required to fulfill all of the requirements for public apps on Shopify.
Let's dig a bit deeper into a few of those that are related to security.
OAuth
Once a merchant decides to install Report Toaster, our app must authenticate using Shopify's OAuth process. This process uses the OAuth 2.0 specification, which is a framework intended to enable third-party access to HTTP services.
The Shopify OAuth implementation is a multi-pass authentication process which allows apps access to the Admin API.
Permissions
As part of the OAuth process, Report Toaster requests only the permissions it needs to provide comprehensive reporting to merchants.
Upon install, merchants are prompted to review the permissions requested by Report Toaster:
The Permissions currently requested for the following Admin API endpoints are as follows:
- Customers - Read only
- Orders - Read only
- Products - Read only
- Discounts - Read only
- Locations - Read only
- Product Prices - Read only
- Shop - Read shop and Edit script tags
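The OAuth and permission handling described above, as an added illustration that is not Report Toaster's own code: the app builds the install URL with its requested scopes, validates Shopify's signed callback (HMAC over the sorted query parameters, plus the anti-CSRF state and a *.myshopify.com shop check) before exchanging the code for a token, and refuses any token whose granted scopes exceed the read-only set. The scope identifiers and helper names are assumptions, and the mapping to the article's permission list is our own.

```python
import hashlib
import hmac
import re
from urllib.parse import parse_qsl, urlencode

# Scopes mirroring the article's read-only permission list plus script-tag editing.
# These are Shopify's scope identifiers; the mapping to the list above is assumed.
REQUESTED_SCOPES = ("read_customers", "read_orders", "read_products", "read_discounts",
                    "read_locations", "read_price_rules", "write_script_tags")

SHOP_RE = re.compile(r"^[a-z0-9][a-z0-9-]*\.myshopify\.com$")


def is_valid_shop(shop: str) -> bool:
    """Only a *.myshopify.com hostname may start or finish an install."""
    return bool(SHOP_RE.match(shop))


def build_install_url(shop: str, api_key: str, redirect_uri: str, state: str) -> str:
    """Step 1: send the merchant to Shopify's consent screen listing the scopes."""
    if not is_valid_shop(shop):
        raise ValueError("untrusted shop domain")
    query = urlencode({"client_id": api_key, "scope": ",".join(REQUESTED_SCOPES),
                       "redirect_uri": redirect_uri, "state": state})
    return f"https://{shop}/admin/oauth/authorize?{query}"


def _signature(params: dict, api_secret: str) -> str:
    # Shopify signs the decoded parameters (hmac removed), sorted by key, joined with '&'.
    message = "&".join(f"{k}={v}" for k, v in sorted(params.items()))
    return hmac.new(api_secret.encode(), message.encode(), hashlib.sha256).hexdigest()


def verify_callback(query_string: str, api_secret: str, expected_state: str) -> bool:
    """Step 2: validate the redirect before exchanging the code for an access token."""
    params = dict(parse_qsl(query_string, keep_blank_values=True))
    received = params.pop("hmac", "")
    if not hmac.compare_digest(_signature(params, api_secret).encode(), received.encode()):
        return False  # forged or tampered callback
    if not hmac.compare_digest(params.get("state", "").encode(), expected_state.encode()):
        return False  # callback not tied to the install we started (CSRF)
    return is_valid_shop(params.get("shop", ""))


def signed_callback(params: dict, api_secret: str) -> str:
    """Build a callback query string signed the way Shopify would (constructed, for local tests)."""
    return urlencode({**params, "hmac": _signature(params, api_secret)})


def scopes_within_policy(granted_scope: str) -> bool:
    """Step 3: a token granting more than we asked for is rejected (least privilege)."""
    return set(granted_scope.split(",")) <= set(REQUESTED_SCOPES)
```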
Report Toaster Access
The Report Toaster application is a non-embedded Shopify app, meaning that it exists in a separate browser window from the Shopify Admin.
However, the app does not allow independent login and can only be accessed via the Shopify admin portal. This ensures that only staff members with access to a merchant's Shopify admin can access Report Toaster and the data contained within.
In addition, all browser requests from a Report Toaster user to retrieve reports are done using HTTPS. This guarantees protection and integrity of all data while in transit between the Report Toaster servers and a user.
Data Infrastructure
The Report Toaster application and all associated merchant data is hosted in an AWS VPC, allowing us to leverage best-in-class cloud infrastructure and services.
You can read more about AWS cloud security here and the individual services here.
Networking
The Report Toaster infrastructure implements the following security measures:
- A web application firewall (WAF) that intelligently blocks intrusion attempts.
- AWS-based protection against distributed denial of service attacks.
- Robust internal and external monitoring to immediately alert us to any network anomalies.
- Public and private infrastructure are separated by VPCs (virtual private clouds).
Databases
The Report Toaster data is stored in a MongoDB database. We use the following data security measures:
- Live data is replicated across three AWS availability zones.
- The database is backed up every four hours.
- Encryption at rest - the data is stored encrypted on disk.
- Encryption in transit - data is encrypted in transit between servers.
- Servers are physically protected in AWS data centers.
Data Privacy
We understand that the data stored in Report Toaster is extremely important to our merchants and their customers. That is why data privacy is our number one priority, and this is reflected in our privacy policy.
Compliance
We pride ourselves on being both GDPR and CCPA compliant. This includes responding to all required Shopify GDPR webhooks.
Retention
Sharing
We NEVER share any customer data with third parties.
Least Privilege
We subscribe to the concept of least privilege security. This means our staff is granted access to merchant data only as necessary and for the shortest period of time required.
As mentioned at the beginning of the article, all Shopify apps must comply with a series of security and privacy requirements. These requirements are as follows:
- Security Requirements
- Privacy Requirements
For more information about using Report Toaster, check out our FAQ or reach out to us at any time :)