This page provides information regarding the security and data storage best practices that SoftLedger follows. Keeping your data secure and available is of top priority. Please contact firstname.lastname@example.org if you would like to know more.
- 256 bit encryption.
- All data is encrypted at rest.
- Softledger uses TLS1.2.
- User based permissions based using OAUTHv2.
- Application only access. Users have no direct database access.
- The principle of least authority (POLA) is followed for Server/Network/Application access. Employees are given only those privileges necessary to do their duties.
- Accounts are locked after multiple incorrect password attempts.
- Multi-factor authentication.
- Secure password policy focused on length vs complexity as this is a better representation of security(NIST).
- Hosted on AWS (Amazon Web Services).
- Multi-region(datacenter) replication.
- Continuously backed up with a 7 day recovery window.
- Recovery time of < 24 hours with less than 1 hour of lost data(typically closer to 5 minutes).