6 controls
Operational across the product, the underlying platform, and the engineering team.
- 01Encryption in transit using TLS across all external and internal connections
- 02Encryption at rest provided by the underlying database and object storage platforms using industry-standard algorithms
- 03Object storage configured with public access blocked at the bucket level; reads gated by IAM credentials over HTTPS
- 04Logical isolation between customer organizations enforced at the application layer
- 05Production data not used in development environments; synthetic test data generated where realistic shape is required
- 06Documented retention and deletion practices aligned to customer agreements