Cyberspace provides endless threats on a daily basis. While the type and potential risk are different from one sector to another and one exchange to another, we can agree that almost every day a typical organization needs to deal with a new threat since the incentive for cyber-crime incident is very high.
Cyber security risks are now commanding board-level attention as businesses are transformed by digital technology. The World Economic Forum states that in the 4th industrial revolution we will need to alter our way of living: “We stand on the brink of a technological revolution that will fundamentally alter the way we live, work, and relate to one another. In its scale, scope, and complexity, the transformation will be unlike anything humankind has experienced before…”
In the past 18 months, we have seen multiple attacks on crypto exchanges worldwide with one thing in common: Cyber-criminals exploiting any possible weakness in the system.: “Hot wallet – Coincheck, Bitfinex, Phishing breach- Bitstamp, Steemit, Bee. Etc…”
If you build it – they will come
Building our Enable by Security Crypto exchange service requires the need for multi secure service orchestrations, using robustness & resilience. This was achieved by applying a strategic secured in-depth approach involving multi-party approvals “for all in all” layers.
Tactical separation approach that utilizes architecture and separation of resource and secured business approval mechanism from the customer side all the way to the blockchain.
Enabling Cyber threat intelligence combine with AML protect eToroX customers.
eToroX first crypto exchange that is fully Enable by Security
Human Resources – All eToroX employees are required to pass security clearance as part of the hiring process.
KYC – All eToroX customers are required to complete Level 3 Identity Verification; Updating financial account information requires dual-process verification.
Genesis – Our own development backlog analytic mechanism, based on N.N machine learning algorithm assists decision making.
Infrastructure – All employee- & role-based workstations are protected and verified based on multiple security mechanisms that include deception & traps.
Encryption – All data is encrypted as default and we use a dedicated secured mechanism to prevent CSRF attacks.
Something you have – We built our platform with the ability to limit login attempts and whitelisting attribution models to prevent automation attacks.
Authentication – eToroX uses 2FA “All the way” access sensitive environments only from separate authenticated and authorized environments.
Secured by design – All eToroX platform is secured by design with multiple PT & Code review as well as part of our bug bounty program.
SOC – Our 24\7 security operation center detects & identifies events & alerts in real time.
Custody – Our custody solution is based on three level Mil grade FIPS140 custodian process with multi separation between the environments:
Warm – Process engine secured solution, Cold – Secured isolated gap environment, Deep – Military grade secured isolated environment.