Organizational Security
SOC 2 Compliance
Our SOC 2 Type I and Type II attestation reinforces our position as a paragon of security and compliance in the blockchain sector.
Penetration Testing
We perform an independent third-party penetration at least annually to ensure that the security posture of our services is uncompromised.
Security Awareness
Roles and responsibilities related to information security are well defined and documented. Team members must review and accept all our security policies, which adhere to industry best practice.
Third-Party Audits
We conduct independent third-party assessments to test our security and compliance controls.
Confidentiality
All team members are required to sign and adhere to a confidentiality agreement prior to joining.
Background Checks
We perform background checks on all new team members in accordance with local laws.
Cloud Security
Cloud Infrastructure Security
All of our services are hosted with Amazon Web Services (AWS) and Oracle Cloud Infrastructure (OCI). For more information, please visit AWS Security | OCI Trust.
Data Hosting Security
All our data is hosted on Amazon Web Services (AWS) and Oracle Cloud Infrastructure (OCI) databases. For more information, please visit AWS Security | OCI Trust.
Encryption
All databases are encrypted at rest, and our applications encrypt in transit with TLS/SSL only.
Vulnerability Scanning and Monitoring
We employ AI-automated vulnerability scanning to actively monitor our cloud services.
Business Continuity and Disaster Recovery
We complete frequent backups and have in place a robust disaster recovery plan to guarantee service uptime.
Incident Response
Our rigorous process for handling information security events ensures rapid escalation and mitigation.
Access Security
Permissions and Authentication
Access to cloud infrastructure and sensitive services are limited to authorized employees with strong password policies.
Access Control
We follow the principle of least privilege and regularly perform role-based access reviews of all team members.
Risk Management
Annual Risk Assessments
We undergo risk assessments at least annually to identify potential threats, including considerations for fraud.
Vendor Risk Management
We conduct careful due diligence on vendor risk prior to authorizing a new vendor.
Contact Us
If you have any questions, comments or concerns or if you wish to report a potential security issue, please contact us.