Ensuring the security of our platform and its users is central to what we do at Risk Ledger. We maintain strict security and confidentiality controls to ensure that your information remains secure. You can review Risk Ledger's security assessment yourself using the platform! Just request access by emailing firstname.lastname@example.org.
The only data visible to organisations you are not connected with is your company’s name and the country it is registered in to allow connection requests to be sent and accepted.
- Encryption - All data sent to and from Risk Ledger is encrypted in transit. Our website, application and API are served over TLS/SSL, achieving A+ on Qualys SSL labs. We also encrypt all data at rest with the industry-standard AES-256.
- Cloud Infrastructure - Risk Ledger services and data are hosted within hardened cloud infrastructure, managed using Infrastructure-as-Code processes. We operate over two availability zones, with robust monitoring in place. Amazon Web Services (AWS) is our primary cloud provider.
- Authentication - Risk Ledger enforces strong authentication for both our users and employees, to protect our customers and their data. Multi-Factor Authentication (MFA) is mandatory to access the product and all our internal systems.
- Independent Security Testing - Risk Ledger undergoes regular vulnerability scanning and penetration tests by independent third-parties, testing our security controls against industry standards. In addition, all our employees complete regular information security training.