Security at FlexiDoc

We take security seriously. Learn about our comprehensive security measures designed to protect your data.

Infrastructure Security

Cloud Infrastructure

  • Hosted on AWS with enterprise-grade security
  • Multi-region deployment with automatic failover
  • DDoS protection via AWS Shield
  • Web Application Firewall (WAF) protection

Network Security

  • All connections encrypted with TLS 1.3
  • Virtual Private Cloud (VPC) isolation
  • Network segmentation and micro-segmentation
  • Intrusion detection and prevention systems

Data Protection

Encryption

  • AES-256 encryption for data at rest
  • TLS 1.3 for data in transit
  • End-to-end encryption for sensitive operations
  • Hardware Security Module (HSM) for key management

Data Handling

  • Automatic file deletion after processing
  • No permanent storage of converted documents
  • Secure data deletion with overwriting
  • Data isolation between customers

Access Control

Authentication & Authorization

  • Multi-factor authentication (MFA) support
  • OAuth 2.0 and OpenID Connect support
  • Role-based access control (RBAC)
  • API key rotation and management

Internal Access

  • Principle of least privilege for all systems
  • Comprehensive audit logging
  • Background checks for all employees
  • Regular security training

Application Security

Security Practices

  • Regular security code reviews
  • Automated vulnerability scanning
  • Dependency vulnerability monitoring
  • OWASP Top 10 protection

API Security

  • Rate limiting and throttling
  • Input validation and sanitization
  • API versioning and deprecation policies
  • Comprehensive API documentation

Incident Response

Security Incident Management

  • 24/7 security monitoring and alerting
  • Defined incident response procedures
  • Regular incident response drills
  • Transparent security incident reporting

Compliance & Certifications

We maintain compliance with industry standards and undergo regular third-party audits:

  • SOC 2 Type II certified
  • ISO 27001 certified
  • GDPR compliant
  • CCPA compliant

For more details, visit our Compliance page.

Security Resources

Security Whitepaper

Download our comprehensive security whitepaper for detailed technical information.

Download PDF →

Report a Security Issue

Found a security vulnerability? We appreciate responsible disclosure.

Email: [email protected]

Bug Bounty Program

Participate in our bug bounty program and get rewarded for finding vulnerabilities.

Learn more →

Questions?

If you have any questions about our security practices, please don't hesitate to contact us at [email protected].