Security Information

Pave’s Commitment to Security

Our Approach to Security

At Pave, we understand that security is paramount. Our commitment to protecting the data and privacy of our clients is at the forefront of everything we do. We employ a comprehensive, multi-layered approach to security that ensures all aspects of our operations are safeguarded against threats.

Our Security Measures

Data Protection

  • Encryption
    All customer data is encrypted both at rest and in transit to ensure maximum security using advanced encryption protocols such as AES-256
  • Access Controls
    Access to sensitive data is strictly controlled and monitored. We implement role-based access control and adhere to the principle of least privilege across our systems, including AWS environments and Kafka clusters. 
  • Data Backups
    We employ continuous and periodic backups for all our data stores to prevent data loss. These backups are stored securely in AWS S3 with robust redundancy and recovery procedures in place.

Network Security

  • Firewalls and Intrusion Detection Systems
    Our network is protected with state-of-the-art firewalls and intrusion detection systems. AWS’s native security features are fully leveraged to monitor and protect our network traffic.
  • Regular Security Audits and Penetration Testing
    We conduct frequent security audits to assess and fortify our defenses, utilizing both internal resources and external experts. Penetration tests are conducted periodically to identify and address potential security weaknesses in our systems.

Compliance

  • We adhere to industry security standards and frameworks, including those specific to cloud-based architectures. 
  • We are SOC-2 Type II certified. We use Vanta to ensure compliance with relevant laws and regulations, including data protection standards like GDPR.

Employee Training and Awareness

  • Regular Training
    Our employees receive regular training on the latest security practices, with a strong focus on cloud security and data protection.
  • Security Culture
    We foster a security-aware culture, encouraging all team members to prioritize and advocate for robust security measures.

Incident Response

  • Response Plan
    We have a comprehensive incident response plan tailored to our cloud-based infrastructure, ensuring rapid and effective action in the event of a security breach.
  • Reporting Mechanisms
    Our team is trained to promptly report and escalate security incidents, ensuring swift resolution and minimal impact.

Continuous Improvement

At Pave, we are committed to continuously evolving our security practices. We stay abreast of the latest developments in technology and cybersecurity to ensure our defenses remain robust and effective against emerging threats.

Contact Us

For more information about our security practices please contact us at api@pave.dev