At Yampa, we are committed to ensuring the highest levels of security and compliance in all our operations. Our approach to security reflects our dedication to safeguarding your data, respecting your privacy, and maintaining your trust.
1. Network Security
Yampa’s production services are hosted on leading cloud infrastructure providers like Google Cloud Platform (GCP) and Azure. Our network security measures include:
- Virtual Private Clouds: We use VPCs to protect our network perimeter.
- Firewalls and Intrusion Detection Systems: These safeguard our web applications from unauthorized access.
- Regular Scanning and Monitoring: We conduct ongoing vulnerability assessments and security audits to proactively identify and address potential threats.
2. Data Protection
We implement robust cryptographic measures to ensure your data is secure at every stage:
- In Transit: All data transmitted to and from our platform is encrypted using TLS v1.2 or higher.
- At Rest: We use AES-256 encryption to protect data stored within our systems.
Regarding AI model training, we enforce a strict no-training policy: neither our clients’ nor their customers’ requests or data are used to train or fine-tune AI models.
Our security practices are designed to ensure the confidentiality, integrity, and availability of your information.
3. Access Control
Access to our systems is tightly managed. We implement several measures to ensure that only authorized personnel have access to sensitive information:
- We enforce single sign-on (SSO) and multi-factor authentication (MFA) to enhance account security.
- Access is granted based on the principle of least privilege, managed using Role-Based Access Control (RBAC).
- We maintain detailed logs of all access, errors, and warnings on production systems to ensure accountability and transparency.
4. Ongoing Security Measures
We continuously enhance our security posture through ongoing initiatives:
- We perform regular security audits and penetration testing to identify and mitigate potential risks.