Program Highlights
Infrastructure Security
- Hosted on a leading cloud infrastructure provider (Heroku)
Customer Data Protection
- Logical Tenant Separation
- Encryption In-Transit (TLS 1.2, TLS 1.3)
- Encryption At-Rest (AES-256)
Application Protection
- Distributed Denial of Service (DDoS) Protections
- Regular Vulnerability Scanning
- Annual Penetration Testing
Organizational Security
- Security Education & Awareness Training
- 24/7 Monitoring and Incident Response
- Vendor Risk Management
Compliance & Privacy
- SOC 2 Type 2 Report (available on request)
- HIPAA compliance