Data at Rest
All datastores with customer data are encrypted at rest. The data is encrypted even before it hits the database so that neither physical access, nor logical access to the database, is enough to read the most sensitive information.
Secret Management
Application secrets are encrypted and stored securely via Google Secrets Manager and access to these values is strictly limited.
Data in transit
Superflow uses TLS 1.2 or higher everywhere data is transmitted over potentially insecure networks.
Endpoint protection
All corporate devices are centrally managed and are equipped with mobile device management software and anti-malware protection. Endpoint security alerts are monitored with 24/7/365 coverage. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.
Security education
Superflow provides comprehensive security training to all employees upon onboarding and annually through educational modules with Vanta’s platform.
Identity and access management
Superflow uses Google SSO to secure our identity and access management. We enforce the use of mutli-factor authentication, Superflow employees are granted access to applications based on their role, and automatically deprovisioned upon termination of their employment. Further access must be approved according to the policies set for each application.
Superflow evaluates updates to regulatory and emerging frameworks continuously to evolve our program.
View Superflow’s Privacy Policy View our list of subprocessors View our DPA
