Enflux appreciates the sensitivity of all the customer data that we process. We strive to go above and beyond standard security practices.
Data Security:
Enflux encrypts data at rest and in transit for all of our customers. We use tools like Amazon Web Service’s Key Management System (KMS) and Secret Manager to store and manage secrets.
Application Security
Enflux regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, the running application, and the deployed environment.
Enflux also uses high-quality static analysis tooling provided by SonarCloud and AWS Inspector to secure our product at every step of the development process.
Infrastructure Security
Enflux uses Amazon Web Services to host our application. We make full use of the security products embedded within the AWS ecosystem, including KMS., SecretManager, WAF, Security groups, Private VPCs, GuardDuty, and Inspector.
Employees
All employees have background checks and must finish yearly FERPA and Security Awareness training. Access to customer data is limited to employees that need it for their job position.
Soc 2 Type II Compliance
Enflux is in the process of working toward Soc 2 compliance. We expect that we will start observation by the end of 2022.