Introducing Orders Page & Manual Review Requests 📢 Read more


Last updated on February 06, 2024

Organizational security

Infrastructure Security

We use Heroku and Ngrok to establish secure hosting bridges between Shopify and AWS. This setup is crucial for our staging and production processes, ensuring that our platform remains robust against security threats.

Cloud Security

Secure Cloud Infrastructure

Quoli leverages Amazon Web Services (AWS) for hosting all of our services. AWS maintains a comprehensive security program, including numerous certifications, to ensure the highest levels of security. For detailed insights into the security measures and protocols AWS implements, please visit AWS Security.

Data Hosting and Protection

Our data resides exclusively on AWS databases, all of which are situated within the United States, adhering to stringent security standards. For more specifics on the security practices, refer to the vendor documentation provided in the link above.

Data Encryption Standards

Proactive Security Measures

Ensuring Business Continuity

Incident Management

Quoli is committed to maintaining the highest standards of cloud security, ensuring that our infrastructure and your data are protected through advanced technologies and rigorous protocols.

Access Management and Security Protocols

Seamless Integration with Shopify OAuth

At Quoli, ensuring secure and efficient access to our cloud infrastructure and sensitive tools is our top priority. We exclusively use Shopify OAuth for all authentication processes. This streamlined approach eliminates traditional permissions and passwords, providing a secure, efficient, and simplified access management system that is fully integrated with
Shopify’s robust security framework.

Adhering to the Principle of Least Privilege

Quoli is committed to best security practices, including the principle of least privilege. This means access is meticulously managed to ensure team members have only the necessary permissions to fulfill their roles, all facilitated through Shopify OAuth. This minimizes potential security risks and enhances our platform’s integrity.

Regular Access Audits

To further safeguard our systems and data, Quoli conducts thorough quarterly reviews of access privileges. During these audits, we assess and adjust the access rights within our Shopify OAuth framework to ensure they remain aligned with individual roles and responsibilities, maintaining a secure and efficient operational environment.

Optimizing Security Without Traditional Passwords

Given our reliance on Shopify OAuth for authentication, the conventional password policies do not apply to the majority of our operations. This reliance on Shopify’s OAuth technology allows us to benefit from their advanced security measures, including secure token-based authentication, which significantly reduces the risks associated with
password management.

Leveraging Shopify's Security Measures

By integrating with Shopify OAuth, Quoli benefits from Shopify’s cutting-edge security protocols. This integration ensures that our team and our users enjoy a secure, reliable, and user-friendly experience without the complications of managing and remembering multiple passwords or undergoing additional security checks like SSO and 2FA.
Quoli is dedicated to maintaining a secure, accessible, and efficient platform. Through our exclusive use of Shopify OAuth for authentication, we ensure that our infrastructure remains protected, while also providing a seamless experience for our team members and users alike.

Vendor and Risk Management

Annual Risk Assessments

Quoli conducts annual risk assessments to proactively identify and address potential threats, with a particular focus on fraud prevention. These comprehensive evaluations ensure our operations remain secure and resilient.

Vendor Risk Management

Before onboarding new vendors, Quoli rigorously assesses vendor risk. This evaluation process is crucial to ensuring that all vendors meet our strict security and reliability standards, safeguarding our operations and data integrity.

Contact Us

If you have any questions, comments or concerns or if you wish to report a potential security issue, please contact
Scroll to Top