Security
Your data security is our top priority. Learn how we protect your information.
✓ Encryption in Transit
All data transmitted between your devices and our servers is encrypted using TLS 1.3.
✓ Encryption at Rest
All stored data is encrypted using AES-256 encryption.
✓ SOC 2 Compliant
Our infrastructure and processes meet SOC 2 Type II requirements.
✓ GDPR Ready
We comply with GDPR requirements for data protection and privacy.
Infrastructure Security
Our services are hosted on Google Cloud Platform (Firebase), which provides:
- ISO 27001, ISO 27017, and ISO 27018 certified data centers
- Physical security with 24/7 monitoring and access controls
- Redundant power, cooling, and network connectivity
- Geographic redundancy and automatic failover
- Regular security audits and penetration testing
Application Security
We implement multiple layers of security at the application level:
- Authentication: Secure authentication with multi-factor authentication (MFA) support
- Authorization: Role-based access control (RBAC) to ensure users only access authorized data
- Input Validation: All user inputs are validated and sanitized to prevent injection attacks
- Session Management: Secure session handling with automatic timeout and token rotation
- Audit Logging: Comprehensive logging of all security-relevant events
Data Protection
We take extensive measures to protect your data:
- Data Isolation: Customer data is logically isolated to prevent unauthorized access
- Backup & Recovery: Regular automated backups with tested recovery procedures
- Data Retention: Clear policies on data retention and secure deletion
- Access Controls: Strict internal access controls with principle of least privilege
Operational Security
Our security practices extend to our operations:
- Security awareness training for all employees
- Background checks for employees with data access
- Incident response procedures and regular drills
- Vulnerability management and patch management processes
- Third-party security assessments
Compliance
We maintain compliance with industry standards and regulations:
- SOC 2 Type II
- GDPR (General Data Protection Regulation)
- CCPA (California Consumer Privacy Act)
- OSHA compliance features for construction safety
Reporting Security Issues
We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly to:
Email: security@claymoreandcolt.com
We appreciate your help in keeping our platform secure and will acknowledge receipt of your report within 24 hours.
Questions
If you have questions about our security practices, please contact us at:
Claymore & Colt Holdings LLC
Email: security@claymoreandcolt.com