TipHaus Commitment to Security
TipHaus uses enterprise-grade security and regular audits to ensure you’re always protected. We undergo regular penetration testing and security reviews designed to be SOC 2 compliant.
Section 1: Application Security
* Data is encrypted in transit with TLS 1.2. Data is encrypted at rest with AES.
* Independent third-party penetration, threat, and vulnerability testing.
* User access controls with single sign-on and MFA.
Section 2: Our policies are based on the following foundational principles:
* Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege.
* Security controls should be implemented and layered according to the principle of defense-in-depth.
* Security controls should be applied consistently across all areas of the enterprise.
* The implementation of controls should be iterative, continuously maturing across the dimensions of improved effectiveness, increased auditability, and decreased friction.
Section 3: Continuous Security Commitment
* Penetration Testing
We perform an independent third-party penetration test at least annually to ensure that the security posture of our services is uncompromised.
* Security Awareness Training
Our team members are required to go through employee security awareness training covering industry standard practices and information security topics such as phishing and password management.
* Third-Party Audits
Our organization undergoes independent third-party assessments to test our security controls.
* Roles and Responsibilities
Roles and responsibilities related to our information security program and the protection of our customer’s data are well defined and documented.
* Information Security Program
We have an information security program in place that is communicated throughout the organization. Our information security program follows the criteria set forth by SOC 2.
* Continuous Monitoring
We continuously monitor our security and compliance status to ensure there are no lapses.
Section 4: Data privacy
At TipHaus, data privacy is a top priority—we strive to be trustworthy stewards of all sensitive data.
* Privacy Shield
TipHaus maintains an active Privacy Shield Membership
* Regulatory compliance
TipHaus evaluates updates to regulatory and emerging frameworks continuously to evolve our program.
* Privacy Policy and DPA