Security as a company value.
We take security seriously.
We establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors.
We establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors.
Data is protected and compliant
SOC2 Certified
Untether’s security posture has been certified according to the Trust Services Criteria (TSC) covering security, availability, processing integrity, confidentiality and privacy.
HIPAA Compliant
Untether is compliant with US Health Insurance Portability and Accountability Act (HIPAA) - includes privacy, security, breach disclosures and the physical safeguards.
Infrastructure Security
Untether is regularly audited by third-party reviewers, penetration testers and monitors the configuration infrastructure with our cloud providers with best practice.
Enterprise Security Monitoring
Security Development
Untether engineers rigorously review all code changes, write abstractions to minimize mistakes, harden all deployment infrastructure, and maintain strict corporate security policies. Also utilize static analysis, vulnerability management, and dependency management tools throughout the development lifecycle.
Secure Storage
Untether encrypts and secures data at rest utilizing AES-256 encryption, and for data in transit relies on TLS.
Penetration Testing
Untether engages industry-leading firms to perform annual tests, using a mix of dynamic fault injection and in-depth study of source code. Includes testing scanning ports, SQL injections, and cross-site scripting.
Incident Response
Untether rapidly investigates and responds to all reported security issues. Issues reported by our status page.
Data Access & Privacy
Access is limited to only those with a legitimate business need and granted based on the principle of least privilege. See our Privacy Policy.
Organizational Security
All Employees and contractors undergo background checks prior to being engaged or employed by us in accordance with laws and best practice. Everyone signs Confidentiality or Non-Disclosure Agreements (NDAs).
Security Tools
Availability is tracked on our Untether Labs status page.
Vulnerability scanning done by Snyk.
Have security questions?
Request docs or help us by reporting any potential issues.
