We take multiple measures to ensure your data is protected

We operate a security program that includes regular security audits, vulnerability scans, external penetration testing, automated monitoring and security training for our staff.

We continually monitor developing standards and legislation to ensure that Vault Platform adheres to the security requirements of leading industry bodies.

Customer data is stored in multiple locations in our hosting provider’s data centers to ensure availability. We operate a business continuity program that includes backup and restoration procedures that are regularly reviewed and tested.

AWS data centers have round-the-clock security and strict controls for physical access. Learn more about AWS physical security.

The Vault Platform operations team are on-call 24/7 to support the service.

At rest, all data is encrypted using 256-bit advanced encryption standard (AES-256).

We regularly monitor changes to the cryptographic landscape and implement best practices as they evolve.

We provide regular training for our engineers in secure coding, that covers key OWASP security risks, common attacks and security controls best practices.

As part of the software development process at Vault, code and configuration changes are thoroughly reviewed. Before being deployed, these changes are tested using a quality assurance process to help ensure an expected, consistent, experience across supported devices and platforms.

All Vault employee work devices are configured with full-disk encryption, strong password protection, and employees are prohibited from using unauthorized software or portable media.

Administrative access to systems within the production environment is limited to staff with a specific need to support our services. Access to our servers is monitored and audited, we regularly review system and access logs.