Security Policy
Last Updated: October 30, 2024
Introduction
At Pairenthesis ("we," "us," or "our"), we are committed to safeguarding the security of our AI-native, no-code data insights platform (the "Service") and the data processed within it. This Security Policy outlines the technical and organizational measures we implement to protect your data.
Access Control
- User Authentication: Multi-factor authentication (MFA) is required for all administrative access.
- Role-Based Access Control (RBAC): Permissions are granted based on the principle of least privilege.
- Regular Access Reviews: Periodic audits of user access rights.
Data Security
- Encryption in Transit: Data transmitted between you and the Service is encrypted using TLS 1.2+.
- Encryption at Rest: Data stored on our servers is encrypted using AES-256 encryption.
- Data Segmentation: Customer data is logically separated to prevent cross-access.
Network Security
- Firewalls and Intrusion Detection: Use of firewalls and intrusion detection/prevention systems (IDS/IPS) to protect against unauthorized access.
- Secure Network Architecture: Segmentation of networks to isolate sensitive systems.
Physical Security
- Secure Data Centers: Our servers are hosted in data centers with 24/7 surveillance, biometric access controls, and redundant power supplies.
- Environmental Controls: Protection against environmental hazards like fire and flooding.
Monitoring and Logging
- Continuous Monitoring: Systems are monitored for security events and anomalies.
- Audit Logs: Comprehensive logging of access and actions within the Service.
- Log Retention: Logs are retained in accordance with our data retention policies.
Vulnerability Management
- Regular Updates: Timely application of security patches and updates.
- Vulnerability Scanning: Automated scanning tools to detect potential vulnerabilities.
- Penetration Testing: Periodic third-party penetration tests to assess security posture.
Incident Response
- Incident Response Plan: Established procedures for responding to security incidents.
- Notification: Prompt notification to affected parties in the event of a data breach.
- Recovery Procedures: Steps to restore services and data integrity following an incident.
Employee Security
- Background Checks: Pre-employment screening of all personnel with access to sensitive data.
- Security Training: Regular training on security best practices and policies.
- Confidentiality Agreements: Binding agreements to protect confidential information.
Compliance and Standards
- Regulatory Compliance: Adherence to applicable laws and regulations, including GDPR and CCPA.
- Industry Standards: Alignment with industry best practices, such as ISO 27001 and NIST guidelines.
Third-Party Security
- Vendor Assessments: Due diligence and security assessments of third-party service providers.
- Contracts and Agreements: Inclusion of security and confidentiality obligations in vendor contracts.
Data Backup and Recovery
- Regular Backups: Routine backups of critical data.
- Disaster Recovery Plan: Established procedures for restoring services in the event of a major outage.
Secure Development Practices
- Code Reviews: Peer reviews and static analysis of code for security vulnerabilities.
- Secure Coding Standards: Adoption of secure coding guidelines (e.g., OWASP).
Contact Information
For security inquiries or to report a security incident:
- Email: security@pairenthesis.com
- Address: 166 Geary St., STE 1500, San Francisco, CA 94108, United States