Security is Paramount
- All information in transit is encrypted.
- All sensitive data is encrypted at our Application servers and then sent to storage.
- Internal and external access is restricted.
- We are constantly testing and evaluating our networks and the security of our service providers.
- To maintain the highest level of security, we use penetration tests, thorough code reviews and advanced QA testing processes.
In Application Security
Enterprise Grade Roles and Permissions
- Ability to create organizational structures and grant permissions.
- Create users and admins.
- Permissions can be applied and given across organizations.
- Enforce separation of duties.
- Full audit trail capabilities for adminstrators.
- Add/edit/remove users, organizations and products.
- View connections and relationships with other companies.
Hosted at Amazon AWS and Hosted Datacenter
- SSAE-16 Type II compliant data centers.
- Physical security with 24-hour surveillance and biometric access controls.
- Redundant power, cooling, and internet connectivity.
- Physical and logical access is restricted to Operations personnel only.
- All activity is logged and tracked.
- Multi-Factor authentication.
Separate Non-Production and Production Environment
Data at Rest
- All sensitive data is encrypted at the application layer using AES-256/SHA2.
- Sensitive or above data, stored in DB, is stored as encrypted values.
- Documents streams are encrypted before being stored in DB.
- All data in transit from client is encrypted over HTTPS/TLSv1.2 using AES-256.
- All internal server-to-server communication is encrypted.
- Key Management
- Keys are rotated on a quarterly basis.
- Data is re-encrypted on read/write access.
- Keys are encrypted using AES-256.
- Anything that can be encrypted will be encrypted.