All our data is encrypted in transit via industry best practices using Transport Layer Security (TLS) version 1.3, and encrypted at rest across our infrastructure using minimum AES-256. Furthermore, all credentials are salted, hashed and stored as such in the Database
To enforce data security, role-based access control (RBAC) is implemented to restrict system access to authorized users.
At Neat, our applications are developed with security in mind. All code is peer-reviewed and checked for potential threats and vulnerabilities including the OWASP Top 10 web and mobile security risks.
We use static application security testing (SAST) to examine the code to find software flaws and weaknesses and dynamic application security testing (DAST) to examine our application as it’s running to find vulnerabilities that an attacker could exploit.
In addition to complexity password rules required and encrypted data in transit, we have implemented 2 Factor Authentication (2FA), which is an extra layer of security used to make sure that customers trying to gain access to our website and application are who they say they are.
At Neat we are performing penetration testing on an annual basis at both the application and infrastructure by third party independent companies, and we are running weekly automated vulnerabilities scanning to identify known vulnerabilities.
In addition, we use suspicious user behavior monitoring technologies to identify account takeover attacks, brute force attacks or a phishing scam. For any high risk scoring case, we are blocking access and forcing a password reset.
Our infrastructure is hosted on Amazon Web Services (AWS). They provide strong security capabilities and services to protect our service.
For more information about their security practices, see here.
All our employees undergo thorough extensive background checks and are required to attend information security awareness training. Tailored security training is provided to staff who are handling sensitive data. We also launched various campaigns to improve employee security awareness.
All employees must sign and follow all our internal security policies and procedures.
Please contact our Customer Service team immediately if you think your account has been compromised or you have any concerns on security or privacy issues.
Alternatively, if you have any questions or want to learn more about security at Neat, you can find more information in our Neat Business FAQ.