Richpanel Security
At Richpanel, we prioritize the security and privacy of our customers' data. Our robust security measures and compliance certifications demonstrate our commitment to protecting your information.
Compliance
SOC2 - Service Organization Controls (SOC2) Type II Trust Services Principles
SOC2 compliance ensures that Richpanel has controls in place to process and manage customer data securely. Our compliance demonstrates excellence in security, availability, and confidentiality controls.
Cloud Application Security Assessment (CASA)
We are Cloud Application Security Assessment (CASA) certified, ensuring the highest standards of security for our cloud applications. This certification validates our robust security measures, including thorough security posture reviews and advanced threat modeling. With CASA certification, we guarantee enhanced protection for your data and applications in the cloud.
Cloud Security Alliance (CSA)
Richpanel follows CSA best practices to ensure a secure cloud computing environment for our customers.
Getting Access to Compliance Documents
Within your Richpanel workspace, you can find our security settings page (Settings > Security > Compliance documents) where logged-in admins can download our compliance documents without having to request them.
Key Features
Product Security
- SSO & 2FA: We support SAML Single Sign-on (SSO) and 2-factor authentication (2FA) for enhanced account security.
- Permissions: Granular permission levels can be set for your team members, controlling access to app settings, billing, user data, and messaging capabilities.
- Password and Credential Storage: Richpanel enforces strong password complexity standards, and credentials are securely stored using industry-standard hashing algorithms.
- Uptime: We maintain an uptime of 99.9% or higher. You can check our current status at status.richpanel.com.
Network and Application Security
- Regional Data Hosting and Storage: Richpanel services and data are hosted in secure Amazon Web Services (AWS) facilities.
- Failover and Disaster Recovery: Our infrastructure is designed with disaster recovery in mind, utilizing multiple AWS availability zones for redundancy.
- Virtual Private Cloud: All our servers operate within our own virtual private cloud (VPC) with strict network access controls.
- Backups and Monitoring: We implement comprehensive logging, monitoring, and backup systems to ensure data integrity and rapid incident response.
- Encryption: All data at rest is encrypted using industry-standard encryption protocols and algorithms.
- Penetration Testing and Vulnerability Scanning: Regular third-party security audits and continuous vulnerability scanning are conducted to identify and address potential security issues.
- Incident Response: Richpanel has a robust incident response protocol in place to handle security events quickly and effectively.
Additional Security Features
- Employee Training: All Richpanel employees undergo annual security awareness training.
- Security Policies: We maintain a comprehensive set of security policies that are regularly updated and shared with all employees.
- Employee Vetting: Background checks are performed on all new employees in accordance with local laws.
- Confidentiality: All employee contracts include strict confidentiality agreements.
Customer Best Practices
We encourage our customers to follow security best practices. Visit our documentation site for guidance on keeping your Richpanel account secure.
For any security-related questions or to report a security concern, please contact our security team at security@richpanel.com.
© 2024 Richpanel Inc. All rights reserved.