We enforce 2-factor authentication, single-sign-on, strong password policies, standard protocols for integration (OpenId Connect, OAuth 2.0, and SAML 2.0), and JWT tokens to protect authentication data in transit.
All data is encrypted using HTTPS and TLS, with our user data and critical infrastructure configurations being encrypted using 256-bit AES. Encryption keys are protected by an industry-grade secret management tool where the vault is protected by a two-man integrity policy.
Reliable backup systems
Customers’ data is continuously replicated on Amazon AWS cloud and is backed up throughout the day. Our disaster recovery solutions provide fully automated failover to a backup system so our services can continue to operate without disruption.
Access rights are determined by specific roles. This approach balances offering users flexible access to their data assets, while allowing strong enforcement of data access controls.
Enterprise network security
Anduin’s servers are protected behind firewalls to control both internal and external traffic and our systems use virtual networks for isolation and protection. We have regular network penetration testing to proactively detect potential threats.
All actions in the system are logged in an immutable audit trail accessible to system administrators. Anduin provides a suite of tools to search, filter, and report on these actions.
We maintain up-to-date operating systems across our network. Verified security patches are deployed as they’re released and we continuously monitor for both malicious and accidental incidents.
Anduin is compliant with SOC 2, the gold standard for security, availability and confidentiality of customer data. SOC 2 is both a technical audit and a requirement that comprehensive information security policies and procedures be written and followed.