❓Security FAQ

Still not finding what your looking for? Contact us at support@littlearms.com with your support question. We will respond as soon as we receive your message.

What is Little Arms Studios?

Little Arms Studios is a tech startup incorporated in the USA đŸ‡ē🇸

as Little Arms Studios Inc.

Where and how is my data stored?

All user data and content is stored in the USA đŸ‡ē🇸 on Amazon Web Services (AWS), which is backed by the same infrastructure and security that Amazon uses for its own services.

Customer data is stored in USA data centers. The website https://zephyr-sim.com and its assets may be cached in other geographic locations by AWS's CDN service CloudFront.

Access to private content through https://zephyr-sim.com is always validated through our API using a permission system.

Amazon's AWS follows and leads most of the industries best practices and is compliant with major security standards.

Is customer data encrypted?

Yes all customer data is encrypted at rest and in-transit.

  • In transit we use HTTPS TLS 1.2 to encrypt all traffic served to end users.

  • At rest on Amazon Web Services (AWS) we use AES-256

What web/IP addresses/ports need to be whitelisted to access the site and sim?
  • littlearms.com

  • *.littlearms.com

  • zephyr-sim.com

  • *.zephyr-sim.com

  • https://littlearms.us.auth0.com

  • port 443

How are users authenticated?

By default, all customer data can only be accessed by themselves or Little Arms Studios Administrators. If a customer accepts an invitation to join an Organization as a Student, then their data can be access by the Instructors or Administrators of that Organization.

Customers may also choose to make some of their data public on their personal profile to showcase their flight time, achievements and obtained certifications.

Which data is required to operate on Zephyr?

The only required piece of information to sign up and start using Zephyr is an email address.

When purchasing a Certification test such as the BPERP, personal information such as first name, last name and email address is required and provided to the Airborne Public Safety Association, which review and approve the BPERP certification.

Last updated