Security is something we think and breathe every time we’re implementing a feature or using a service. We have an extremely high bar for keeping data secure and continually audit and update our processes to make sure your data is never compromised.
We use Amazon Web Service
AWS sets the industry standard when it comes to security, policies, and architecture. We trust them with our servers along with hundreds of millions of other companies, including Netflix, LinkedIn, AirBnB. We restrict access and communication to and from these servers to the minimum required to use our product.
Virtual Private Cloud
All of our servers are within our own virtual private cloud (VPC) with network access control lists (ACLs) that prevent unauthorised requests getting to our internal network.
Two Factor Authentication
Everyone on our team has two-factor authentication setup for their accounts where possible, which means that nobody can access their accounts without a security code sent to our mobile devices at the time of attempted login.
Storing your passwords
We never store passwords in plain text. All passwords are salted and then hashed before they are stored.
Encryption
All communication between your computer and Pathmonk is encrypted using industry standard HTTPS/SSL.
Payment info
All payments made to Pathmonk go through our partner, Stripe, We do not store your payment information directly. Details about Stripe security setup and compliance, which follows industry standards and PCI compliance can be found here.
Authentication/access
We authenticate access to Pathmonk & Pathmonk API services using revocable access tokens. Contact us immediately if you have reason to believe any access tokens may have been compromised.
Pentests and Vulnerability Scanning
Pathmonk uses third party security tools to continuously scan for vulnerabilities. Our security team responds to issues raised. We actively engage third-party security experts to perform detailed penetration tests to maintain Pathmonk application and infrastructure high bar.
Incident Response
Pathmonk implements a protocol for handling security events which includes escalation procedures and rapid mitigation. All employees are informed of our policies.
Additional Security features
Training
All employees complete Security and Awareness training annually.
Policies
Pathmonk has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.
Confidentiality
All employee contracts include a confidentiality agreement.
Security questions?
If you think you may have found a security vulnerability, please get in touch with our security team at [email protected].
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article