Platform and network security
Application lifecycle security is ensured by the implementation of privacy by design principle - data protection and privacy is considered at each phase of development.
Security of data at rest is ensured through the implementation of the principle of least privilege (employees, programs, and applications have only as much access as they need to a separate part of the data to perform their duties), encryption of the data with AES 256 algorithms.
Security of data in transit is ensured by end-to-end encryption (minimum TLS 1.2).
Logging and monitoring for identification and detection of threats to IT systems are ensured by automated audit trails and logging for all system components (servers, applications, databases, etc.), logs are protected from unauthorized changes, additions, or deletions, an automated alerting system for anomalies is in place.
Server and database security is ensured by the separation of database and web servers, web applications firewalls, implementation of the principle of least privilege, automated suspicious activity reporting, data, and backups encryption.
Network and communication security includes the following measures: access control, antivirus, and antimalware software, firewall protection.
Physical security is ensured by physical access denial of unauthorized access, SOC II certified data centers.