About this guide
This guide will provide high level information about the platform security, adherence to regulations and standards and controls in place.
Demyst uses TLS 1.2 or higher to create a secure connection for data in transit. Data at rest is encrypted using
Each platform region is deployed in a three tier subnet layout using AWS Network ACLs and Security Groups to control traffic. Regions are isolated to minimise data sovereignty concerns
Demyst monitors security events using a combination of AWS and third-party security tools connected to a central alerting system
Access to Demyst production systems is limited to properly trained and vetted Demyst team members
Demyst performs regular vulnerability scanning and penetration testing
Demyst proactively monitors its platform with rapid failover in place
The platform contains detailed change logs and admin reporting dashboards
Demyst is SOC 2 Type II certified
Security regulations and standards Demyst adhere to:
- ISO 27001
- NIST 800-53
Demyst undergoes an annual SOC 2, Type II audit which evaluates the security, availability and confidentiality controls in place to protect client data and the delivery of Demyst’s service. Successful completion of a SOC 2 audit is a requirement for many clients, especially regulated financial institutions, when considering a software as a service provider.
Updated about 1 month ago