Safety and integrity of data is all-important to us.
One of the benefits of using IQ Gecko's StickyFeet loyalty platform and Flaxx web applications is that since the data is not kept on our computers, you don’t need to worry about viruses, computer crashes, or making sure the latest upgrades are installed on your own equipment.
We have worked with companies like Best Western Hotels, Harley-Davidson, Toys”R”Us and Suncorp Bank for many reasons - including our exceptionally good cloud data security.
Amazon Web Services.
SERVER DATA SAFE FROM PHYSICAL AND DIGITAL ATTACKS.
⇨ Multiple dedicated AWS servers.
⇨ No shared “slices” in crowded devices.
⇨ Firewall for top-line security.
⇨ Load balancer that ensures there’s always a server available.
⇨ Instant replication of data across all servers so it doesn’t matter which server you hit.
⇨ The added benefit of instant replication ensures that everything is always immediately backed up.
⇨ Our code base is kept in digital escrow at Iron Mountain.
⇨ With this kind of oversight you can sleep very well at night.
Accessing the latest cloud securities
✓ 24-hour surveillance and restricted access.
✓ Multi-homes redundant backbone fiberoptic connections for the fast response and data transfer.
✓ Multiple backup UPS and diesel generator.
✓ PCI DSS compliance means that you can rest assured knowing that we're meeting the industry's highest standards of protection.
✓ Redundant HVAC and early detection fire suppression system.
Cyber Security Protocols.
Our web application runs on a secure and scalable stack consisting of Java (Spring), Tomcat, and MySQL, hosted on Amazon Web Services (AWS). We adhere to modern best practices in web application security and cloud infrastructure management, including the following:
1. Infrastructure Security
• Hosted on AWS, leveraging the platform’s built-in security, resilience, and compliance frameworks.
• Protected at the network edge with AWS Web Application Firewall (WAF) to filter and block malicious traffic, including common threats like SQL injection and cross-site scripting (XSS).
• Security Groups and Network ACLs are configured to tightly control access to services and data.
2. Application Security
• Utilisation of Spring Security to enforce authentication, authorisation, and session management.
• Role-based access control (RBAC) implemented at both the backend and frontend layers.
• Input validation, output encoding, and protection against CSRF, XSS, and injection attacks built into the application.
3. Authentication & Account Security
• All admin and developer cloud accounts are secured with Two-Factor Authentication (2FA).
• Strong password policies are enforced across all user-facing and internal systems.
• Sensitive data is encrypted both in transit (TLS/SSL) and at rest.
4. Data Protection & Backup
• Database access is restricted to specific IPs and internal services.
• Regular encrypted backups are taken and securely stored to support disaster recovery.
• Strict least-privilege policies are applied for database and resource access.
5. Monitoring & Response
• Continuous monitoring of application and infrastructure logs for suspicious activity.
• Integration with AWS monitoring tools (e.g. CloudWatch, GuardDuty) for real-time alerts.
• Regular internal reviews and threat assessments to identify and mitigate potential vulnerabilities.
The average person uses 36 cloud-based services every single day.
90% of all companies use the cloud for some (or all) of their business.
Public cloud expenditure is expected to reach US$ 850–900 billion in 2026.
Cloud data statistics.