Security and Compliance Safeguards and Protocols

ChargeKeep’s Security and Compliance Safeguards and Protocols



Overview

ChargeKeep employs a multi-layered security approach to protect our customers’ data from unauthorized access and threats. Our protocols ensure network security, data integrity, and compliance with best practices in cybersecurity.


Data Security and Transmission Protocols

  • Encryption: All data transmitted between your browser and ChargeKeep is safeguarded through 256-bit SSL encryption. We use industry-standard encryption protocols like SSL (Secure Sockets Layer), HTTPS (Hypertext Transfer Protocol Secure), and SFTP (Secure File Transfer Protocol) to ensure the security of your sensitive information during transmission.
  • Network Security: Our network security protocols are designed to prevent unauthorized users, applications, services, or devices from accessing network data.

Network Infrastructure & Firewalls

  • Firewalls: Comprehensive system-level protection is provided by firewalls, with additional security measures such as Cloudflare Firewall and DDoS protection services at the domain level.
  • Cloud Infrastructure: Our application infrastructure operates on advanced cloud platforms like Heroku, Microsoft Azure, and Amazon Web Services (AWS), which incorporate rigorous physical security measures.
  • Vulnerability Scans: Regular vulnerability scans by third-party providers swiftly identify potential risks so that they can be addressed, continuously enhancing our system security.

Data Access Security and Routine Monitoring

  • User Permissions Management: An intricate hierarchical User and Roles Management system allows for precise configuration of permissions for each user or group.
  • Multi-factor Authentication: Users can activate MFA functionality to add an additional layer of security to their data.
  • OAuth Authentication: Sensitive information, such as credentials for third-party financial institutions, is transmitted directly from the user’s browser to the financial institution. ChargeKeep receives only the limited read-only access necessary for reporting purposes.
  • Data Encryption: Confidential credentials and other sensitive data stored on our network are protected by robust encryption, adding a further layer of defense for client data.

Routine Security Audits, Controls, and Backups

  • Development Process and Team Training: Security is integrated into our development efforts. Our software engineering team follows secure development practices outlined by OWASP and adheres to the principle of least access.
  • Access Monitoring: Internal systems monitor user activity, employing a velocity alerting system that swiftly notifies us of system-level anomalies and automatically suspends the user if a brute-force attack is detected.
  • Backups: Regular data backups are conducted using Azure cloud infrastructure, ensuring replication and storage of databases in multiple geographic locations for disaster recovery and data integrity.

Conclusion

ChargeKeep is dedicated to maintaining the highest standards of security and compliance to protect our customers’ sensitive data and ensure the integrity of our platform. We continuously review and enhance our safeguards and protocols to stay ahead of evolving security threats and regulatory requirements. Our comprehensive security measures, robust compliance programs, and ongoing employee training and awareness initiatives demonstrate our dedication to providing a secure and trustworthy platform for our customers.