Security is at the core of our operations. Below is an overview of how we protect the data entrusted to us. For a more detailed review of our system architecture and security practices, including compliance controls, our completed HECVAT is available upon request.
Data in Transit
All communication between users, the CleryEdge application, and our databases is protected using TLS (Transport Layer Security) encryption—the same standard used by banks and other processors of sensitive information.
Data at Rest
CleryEdge employs Transparent Data Encryption (TDE) to secure all data at rest using AES encryption. Our database services, hosted in Microsoft Azure, are regularly audited and certified to meet current security standards.
Tokenization
CleryEdge does not store, process, or transmit credit card information. All credit card payment transactions are handled by a third-party provider, Stripe, that is fully PCI-DSS compliant.
User Access Control
Access to CleryEdge is governed by a role-based permission system managed by each customer. Every user must authenticate using multi-factor authentication (MFA), and we also offer optional Single Sign-On (SSO) integration for institutions that prefer to manage user credentials through their own identity provider.
Security Testing
We conduct regular internal and external vulnerability assessments. All identified issues are prioritized for immediate investigation and resolution.
Data Center and Infrastructure Security
CleryEdge is hosted in Microsoft Azure’s U.S.-based, fully redundant data centers. These facilities are protected by multiple layers of physical and environmental controls, including perimeter security, biometric access, and round-the-clock monitoring. Azure’s infrastructure complies with a wide range of industry standards, including ISO/IEC 27001, HIPAA, FedRAMP, and SOC 1, SOC 2, and SOC 3.
Data Loss Prevention
All application data and files are backed up daily and retained on a rolling basis. We have never experienced a data loss incident. Backup management aligns with our Secure Development Policy and disaster recovery practices.