<aside> <img src="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/ef6b5d5f-72ed-4087-8295-e5cd1fa1640a/transparent.png" alt="https://s3-us-west-2.amazonaws.com/secure.notion-static.com/ef6b5d5f-72ed-4087-8295-e5cd1fa1640a/transparent.png" width="40px" /> Security is our top priority and is at the center of everything we do. Learn about how we embed security practices into our engineering processes to keep all sensitive data as secure as possible.
</aside>
All data is encrypted at rest with AES-256 and is kept in a private network with tightly monitored and access.
Data in transit is encrypted using standard web security protocols (TLS v1.3).
We are compliant with NACHA’s Data Security Requirements. Account numbers and other personally identifiable information are obfuscated on our UI, encrypted and never leave our infrastructure.
Each of our 3rd party infrastructure partners meets our high security standards for protecting sensitive data.
We operate a private bug bounty program and have internal procedures to remediate any bugs or security vulnerabilities discovered
Take a look at the program:
Our products are routinely audited by third-party security providers to certify we are following industry best practices.
All access to production systems is monitored and logged. All internal and clients accounts are protected via 2FA.
We only expose what is absolutely necessary to use our product and no more. All essential services are protected by following standard cloud network architecture guidelines to minimize the attack surface area and keep sensitive data safe.
All systems are continuously monitored and issued addressed according to the SLAs (service-level agreements) specific to each client.
We are actively in the process of obtaining a SOC 2 certification (E. July 23, 2021).
For more information, please reach out to [email protected]
