Security & Infrastructure

Fulcrum is a cloud-based data collection and storage platform designed to simplify the process of creating customized data collection apps for conducting field surveys and mobile, digital form development. As a cloud solution, the Fulcrum platform runs on the Amazon Web Services (AWS) infrastructure, including Elastic Compute Cloud (EC2), Simple Storage Service (S3), and Virtual Private Cloud (VPC). By harnessing the AWS infrastructure, Fulcrum offers higher-availability, redundant high-capacity storage, and added reliability over self-hosted software solutions.

Secure at Every Step

All network communications in Fulcrum are secured with 256-bit SSL connections to keep your data safe through every step of the process. This is the same level of security provided by online banking institutions and popular e-commerce sites. From web to mobile apps, your data is always secure in transit from device to server, or server to desktop.

Automated Backup & Disaster Recovery

Our entire cloud infrastructure is continually replicated across multiple datacenter regions. Redundant servers and automated, real-time backups mean your data is always safe in the event of localized server failures or network outages.

Protected Payments

All credit card details go through a secure merchant gateway, with PCI Service Provider Level 1 certification. Your sensitive payment information always goes straight to the merchant processor, and always remains secure.

IT-Friendly

Fulcrum is cloud-based data collection and surveying tool. That means all data is hosted by us with none of the hassle of manual installation, configuration, and maintenance of running servers on your own hardware. Your IT staff doesn't have to shoulder more burden of managing yet another piece of software.

Summary

Cloud-based Servers The Fulcrum server is cloud-based, and adheres to the policies of the Amazon Web Services standard agreement. For more information see aws.amazon.com/security.
Secure SSL All traffic to the Fulcrum server and API is forced to use 256-bit secure SSL.
Ruby on Rails Fulcrum is a Ruby on Rails web application.
Native Apps Fulcrum’s mobile apps for iOS and Android are completely native, built using Objective-C and Java, respectively.
Nginx Web Server All server requests are handled by an nginx web server.
PostgreSQL with PostGIS All persistent data is stored on a PostgreSQL database server, with PostGIS extensions for geospatial functions.
Authentication All user accounts in Fulcrum require strong passwords for authentication to the system.
Attachments Attachment data and maps uploaded to Fulcrum are stored on S3, a distributed, high-availability storage engine that grows along with your Fulcrum content.
Your Data Your data always remains private, and is not shared between accounts on the system, and all data within your account belongs to you.
Redundancy All content stored on S3 has access control policies and permissions associated with it, locking down all content making it accessible only to your user account. As with the database, all associated files on S3 are stored redundantly across datacenter locations to mitigate data loss and increase availability and uptime.
API Authentication Authentication to the API is accomplished via unique tokens associated with each account which can be reset at any time. This same API is used by our iOS and Android mobile applications.
Authentication Authentication uses standard challenge/response, with SHA1 password hashes stored in the PostgreSQL database.