Security Statement
At Cinapse, your security and privacy are paramount to us. We are dedicated to safeguarding the personal and production information you trust us with, ensuring the highest levels of confidentiality and privacy for you and your production.
Organizational Commitment:
Security is a core organizational and business priority at Cinapse, and our founding team has a background in cryptography.
Our Information Security Program adheres to the rigorous standards outlined by the SOC 2 Framework, a widely recognized industry standard for information security auditing.
Regular Audits and Assessments:
We undergo frequent independent third-party audits, security assessments, penetration tests, and vulnerability scans to uphold the uncompromised security posture of our services.
Employee Training and Compliance:
All Cinapse employees undergo regular Security Awareness Training, adhering to industry best practices and relevant information security topics. Before commencing work, employees sign and adhere to an industry-standard confidentiality agreement, and background checks are conducted in compliance with local, state, and federal laws.
Identity and Access Management:
We strictly adhere to the principle of least privilege, ensuring that Cinapse employees have access only to the data and systems essential for their roles. Access to cloud infrastructure and sensitive tools is limited to authorized personnel, enforced with two-factor authentication (2FA) and Single Sign-On.
Security of Production Data:
Cinapse places the highest priority on the security of your production data. Our services are hosted on reputable platforms such as Amazon Web Services (AWS), Cloudflare, and Render, each boasting robust security programs and certifications.
All data is hosted on AWS and Render in the United States, with databases encrypted at rest and applications encrypting data in transit using TLS/SSL. We actively monitor and log various cloud services to ensure ongoing security.
Business Continuity and Disaster Recovery:
Cinapse adheres to a corporate Business Continuity and Disaster Recovery Plan, minimizing the risk of data loss in the event of hardware failure. This plan includes the use of data hosting provider back-up services and monitoring services to promptly address potential failures.
Vendor Accountability:
Cinapse holds vendors accountable for the security and privacy of your data. We conduct risk assessments annually to identify potential threats, including considerations for fraud. Prior to authorizing new vendors, we perform comprehensive reviews to ensure compliance with local, state, and federal laws, especially for high-risk vendors, who are subject to annual re-evaluation.
Our commitment to security is unwavering, and we continuously evolve our practices to stay ahead of emerging threats. If you have any further questions or concerns, please feel free to reach out to our Customer Support team at support@cinapse.io.