Your Privacy, Protected
At EstateSpace, your privacy and security come first. You manage what matters most — we’ll keep it safe.
Confidentiality & Privacy
- Security processes to make sure that customer data is accessed only by those who have permission.
- Role-based access controls
- Restricted access to accounts
Infrastructure Security
- Safeguards put in place to prevent direct access to data through AWS.
- SSAE 16 Type 2-compliant data centers
- HTTPS connections with AWS
- Built in firewalls using AWS VPC
Application Security
- Features built in to the EstateSpace mobile solution to keep the data it contains secure using Strict Transport Security.
- HTTPS/TLS 1.2
- Perfect forward secrecy
- Mobile app 256 bit key encryption
- OWASP secure
Data Security
- Best practices and services used to prevent loss of data through disaster or hardware failure.
- Industry leading Amazon Web Services in the Cloud
- Frequent, automated backups
- 24/7/365 monitoring and threat response
Data Privacy & Security
We meet or exceed the most up-to-date standards for security compliance and only work with the best companies in the industry.
Cloud Infrastructure
- Data is stored using Amazon Web Services (AWS).
- Utilizes a securely managed sharded MongoDB cluster
- AWS is an industry leader in cloud infrastructure security, designed for the most security-sensitive organizations
Penetration Testing
- EstateSpace undergoes continuous security and performance testing
- Services are hardened to manage risk and limit threats
- Testing reports available upon request
Cloud Security Monitoring
- Cloud infrastructure security and monitoring is managed by Mission
- Mission is a Premier Consulting Partner in AWS and the Amazon Partner Network (APN).
- Mission is SOC 2 Type II certified, ensuring compliance and security best practices
ISAE 3402
- EstateSpace aligns with the ISAE 3402 assurance standard
- Evaluates the controls over services and applications relevant to the customer
- Enables auditors to assess internal control over financial reporting
SOC 2 Type I & II
- EstateSpace partners only with SOC 2 or SOC 3 certified subservice organizations
- All client data and application dependencies are maintained within certified boundaries
- Provides verifiable assurances of data security and operational controls
HIPAA
- EstateSpace is fully HIPAA-compliant
- Adheres to all physical, administrative, and technical safeguards
- Ensures the protection and integrity of electronic Protected Health Information (ePHI) for covered entities and business associates
GDPR
- EstateSpace is GDPR-compliant
- Adheres to data collection limited to only necessary information
- Ensures the protection and integrity of personally identifiable information (PII) for covered entities and business associates
Request our Security Brief or talk to our security team
Our security team can provide more information or meet with you. Contact us to set up a time today.
