Security at NovusChat
Your data security is our top priority. Learn how we protect your information.
End-to-End Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256.
SOC 2 Compliant
Our infrastructure meets SOC 2 Type II compliance standards.
API Key Security
API keys are hashed and stored securely. You can rotate keys anytime.
Access Controls
Role-based access control (RBAC) for team management.
Regular Audits
Third-party security audits and penetration testing.
Incident Response
24/7 monitoring with rapid incident response procedures.
Data Protection
We implement multiple layers of security to protect your data:
- All data is encrypted at rest using AES-256 encryption
- Data in transit is protected with TLS 1.3
- Database backups are encrypted and stored in geographically distributed locations
- Strict access controls limit employee access to customer data
Infrastructure Security
Our infrastructure is hosted on AWS with enterprise-grade security:
- Virtual Private Cloud (VPC) isolation
- Web Application Firewall (WAF) protection
- DDoS protection and mitigation
- Regular security patches and updates
Application Security
We follow security best practices in our application development:
- Secure software development lifecycle (SSDLC)
- Regular code reviews and security testing
- Dependency vulnerability scanning
- Input validation and sanitization
Compliance
NovusChat maintains compliance with industry standards:
- SOC 2 Type II certified
- GDPR compliant
- CCPA compliant
- HIPAA compliant (Enterprise plan)
Reporting Security Issues
If you discover a security vulnerability, please report it to security@novuschat.ai. We take all reports seriously and will respond promptly.
Have security questions?
Our security team is happy to answer any questions about our practices.
Contact Security Team