Security and Privacy
We engage industry-leading tools to perform various routine scans of the application and infrastructure. We also employ real-time intrusion detection systems.
Your data is encrypted while in transmission using SSL and in storage using a variety of algorithms. It is protected by firewalls, and we have state-of-the-art intrusion detection mechanisms. Passwords are encrypted and irrecoverable.
Role-based access controls and a dynamic permissions matrix enable a secure environment for all stakeholders—encryption at all phases - storage and transit.
Our systems undergo periodic tests and scans by external vendors, and our development center is already certified for ISO27001 and ISO9001. We are in the process of scheduling our SOC 2 audit in Q2 2022.
The data is located in US-based Type IV data centers with primary and backup facilities in geographically diverse locations. Your data will always remain in the US-based servers only.
Access to your application and data is available to your authenticated users only. Users have to log in with their passwords. OTP is sent via email and SMS every time a new session is initiated. Role-based access control (RBAC) ensures that the right users get access to the assigned resources.