Security at Hirall
We take security seriously. Learn about our approach to protecting your data and applications.
Infrastructure Security
SOC 2 Type II Compliant
Our infrastructure and processes are audited annually to ensure compliance with SOC 2 standards.
Encryption at Rest and in Transit
All data is encrypted using AES-256 at rest and TLS 1.3 in transit.
Network Security
Multiple layers of firewalls, DDoS protection, and intrusion detection systems protect our infrastructure.
Automated Backups
Daily automated backups with point-in-time recovery capabilities ensure your data is never lost.
Data Protection
Multi-Tenant Isolation
Each project operates in an isolated database schema with dedicated resources.
Row Level Security (RLS)
Fine-grained access control at the database level ensures users can only access their own data.
GDPR and CCPA Compliance
Our platform is designed to help you comply with global data protection regulations.
Data Residency Options
Choose where your data is stored with multiple region options for compliance requirements.
Authentication & Access Control
Multi-Factor Authentication
Secure your account with SMS, authenticator apps, or hardware security keys.
Role-Based Access Control
Granular permissions for team members with custom roles and access policies.
JWT with Short Expiry
Secure authentication tokens with configurable expiration and rotation policies.
API Key Management
Create, rotate, and revoke API keys with granular permissions and usage tracking.
Our Security Program
Our security program includes regular penetration testing, vulnerability scanning, and code reviews. We maintain a security incident response plan and conduct regular training for our team.
We encourage responsible disclosure of security vulnerabilities. If you believe you've found a security issue, please contact us at security@hirall.com.