Assistant Media Security Overview

Last Updated: October 21st, 2021

Info for our tech wizards


We take security of customer data extremely seriously. We host using comprehensively hardened infrastructure-as-a-service (IaaS) platforms from Amazon Web Services.

Product security

Accessing any data is restricted to authorized users that are authenticated using the AWS standards-based Identity Provider. All identity and access management is done directly with AWS.

Physical security

Production data is processed and stored within world-renowned data centers that use state-of-the-art multilayer access, alerting, and auditing measures.

Servers and networking

All servers and structured datastores use managed infrastructure services provided and secured by Amazon. Our web servers encrypt data in transit using the industry standard for HTTPS security (TLS 1.2) so that requests are protected from eavesdroppers and man-in-the-middle attacks. Our SSL certificates are 2048 bit RSA, signed with SHA256. All persistent data is encrypted at rest using industry-standard AES-256 algorithms.

Service Level, Backups and Recovery

AMGs Infrastructure utilizes multiple and layered techniques for increasingly reliable uptime, including the use of load balancing and task queues. Assistant Media uses highly redundant datastores, rapid recovery infrastructure, and point-in-time backups making unintentional loss of customer data very unlikely.

Server and Client Hardening

All servers use AWS backed infrastructure which provide load balancing, auto-scaling, and application health monitoring to ensure portals are always running reliably.

The client side application uses several techniques to ensure portals are safe and that all requests are authentic, including using JSON-web token for managing sessions and using secure cookies.

Customer Payment Information

We use Stripe for payment processing and do not store any credit card information.
Stripe is a trusted, Level 1 PCI Service Provider.

Incident Reporting

You can provide information to any potential breaches of security by emailing