![Enflux_Horizontal_2C-1.jpg]](https://knowledgebase.enflux.com/hs-fs/hubfs/Enflux_Horizontal_2C-1.jpg?height=40&name=Enflux_Horizontal_2C-1.jpg){kind=small}
Security at Enflux
Enflux appreciates the sensitivity of all the customer data that we process. We strive to go above and beyond standard security practices.
Data Security:
Enflux encrypts data at rest and in transit for all of our customers. We use tools such as Amazon Web Service’s Key Management System (KMS) and Secret Manager to store and manage secrets.
Application Security
Enflux regularly engages some of the industry’s best application security experts for third-party penetration tests. Our penetration testers evaluate the source code, the running application, and the deployed environment.
Enflux also uses high-quality static analysis tooling provided by SonarCloud and AWS Inspector to secure our product at every step of the development process.
Infrastructure Security
Enflux uses Amazon Web Services to host our application. We make full use of the security products embedded within the AWS ecosystem, including KMS., SecretManager, WAF, Security groups, Private VPCs, GuardDuty, and Inspector.
Employees
All employees have background checks and must finish yearly FERPA and Security Awareness training. Access to customer data is limited to employees that need it for their job position.
Penetration Testing
Enflux uses a third-party security audit firm with expertise in penetration testing on an annual basis.
Soc 2 Type II Compliance
Enflux is proud to announce that we are officially SOC 2 Type II certified. This achievement highlights our dedication to upholding the highest standards of security, availability, and confidentiality for our customers' data.
By achieving SOC 2 Type II certification, Enflux reaffirms its commitment to providing a secure and reliable platform that customers can trust.