General points on security
Keeping our customer's data secure is the most important thing that Howwe does. We go to considerable lengths to ensure that all data sent to Howwe is handled securely - keeping Howwe secure is fundamental to the nature of our business.
We want to share some of the details of what we do to keep things secure, and some of the work that we're doing to continually improve the security of your data. Here are some of the security measures in place:
Security classed Data-centers (ISO/IEC 27018:2019, ISO/IEC 27001:2013, ISO/IEC 27017:2015, ISO/IEC 27701:2019, Cloud Computing Compliance Controls Catalog (C5, GDPR, and more)
All databases are encrypted both at rest and for traffic (SSL). Rest encryption handled by google according to their high security standards:
Google uses several layers of encryption to protect customer data at rest in Google Cloud products.
Google Cloud encrypts all customer content stored at rest
Beyond this, all our databases are configured without public access, all communication is handled via encrypted web services to our APIs who is handling database communication
Automated and integrated disaster recovery
All admin login require 2FA
Also includes login from mobile devices
Only authorized personell has access to critical system components and data
Daily backups minimum
100% of traffic handled over HTTPS
Integrated redundancy and duplication for data availability
Detailed system logs and automated error tracking and messaging
All services secured with firewalls, only configured traffic is allowed access
Servers and databases with automatic updates and security patching allows for always up to date services.
Our databases are encrypted in REST and is handled by google and their very high security standards.