Security at Diskus

Diskus takes pride in its security and compliance standards. We are committed to providing our customers with a safe and secure platform that protects users' confidential information and data. We adhere to strict security standards, conduct frequent checks, and continuously monitor and audit to ensure the security of customers' data.


Data Protection

Security of Data at Rest

With Diskus, client data is always secured, whether stored in the cloud or on-premises. We also use row-level encryption, which encrypts individual rows in the database, to provide security at a granular level. This encryption makes sensitive data unreadable to anyone, even before it enters the database.


Security of Data in Transit

Diskus uses TLS 1.2 or later for every data entry. We also implement HSTS and use Cloudflare to manage our server TLS keys and certificates, which are distributed through application load balancers.


Secure Management of Application Data

Diskus also ensures the confidentiality of application data. All application data is encrypted and stored in a vault service that only authorized users can access. We also review all logs to monitor who accesses data and for what purpose, so that we can identify any unauthorized or suspicious activity.


Product Security

Cybersecurity Assessment

Our security experts conduct regular penetration testing to identify vulnerabilities in our system. These audits are custom-designed for each of our products (website, mobile applications, and cloud infrastructure). Only security engineers have full access to the source code. The findings of these tests help us improve our security practices and provide you with a more secure platform.


Secure Development Lifecycle (SDLC)

We also ensure security at the software development stage. Our vulnerability scanning involves continuous static analysis of code (SAST), software composition analysis (SCA) to find vulnerabilities in our software supply chain, and network vulnerability scanning.


Endpoint Security Measures for Enterprises

All business devices come with mobile device management (MDM) software and anti-malware protection. Diskus uses the MDM software to enforce secure endpoint configuration, which covers password management, disk encryption, screen lock configuration, and regular software upgrades.


Enhanced Remote Access Security

Diskus uses advanced identity-aware proxy technology to ensure remote access to internal resources is secure. The development team employs this access tool for SSH, Kubernetes, databases, internal web applications, and Windows systems. We leverage biometrics and machine identification to mitigate phishing risks, and our zero-trust design prevents attackers from pivoting within our network.


Security Education & Training

Diskus provides security training to all new and existing employees through various educational modules of the Vanta platform. In addition, live onboarding sessions for new employees cover our important security principles. Our security team regularly updates employees on safety and security threats that require immediate action or attention.


Managing Identity and Access

  • Diskus leverages Azure AD for identity management and access control.
  • We recommend implementing phishing-resistant authentication factors and single sign-on (SSO) wherever possible.
  • Only authorized personnel can access customer data for operational or maintenance purposes.
  • Employees are granted access to applications solely based on their roles, and that access is automatically removed upon termination.
  • Access to applications is only granted as per the established policies for each application.
  • All additional access is provided within these policies.

Vendor Security

  • Diskus uses a risk-based perspective to determine a vendor's inherent risk rating using these factors:

    • Access to customer and corporate data
    • Integration with production environments
    • Potential damage to the Diskus brand

  • After the inherent risk rating assessment, the vendor's security is evaluated to determine the residual risk rating, which informs the vendor approval decision.

Backup and Business Continuity

Our production infrastructure is designed with redundancies in highly available configurations across multiple availability zones, so if one part of the system fails, another quickly takes over. An auto-backup policy facilitates the retrieval of crucial data in case of disaster.


Infrastructure Management and Configuration

Diskus uses Terraform to maintain infrastructure as code. Modifications go through a procedure that mirrors the application-level software development process. We use separate infrastructure for development, staging, and live environments and strictly limit data sharing between them.


Proactive Monitoring

  • We conduct comprehensive infrastructure and application performance monitoring to detect and resolve problems. Automated alerts with on-call schedules are established, and escalation procedures are set up for all members of the DevOps team.

  • Our security team uses security monitoring to identify and respond to any application attacks, abnormalities, or suspicious activity.



Diskus ensures the protection of users' confidential information and data and takes pride in its security and compliance standards. We adhere to strict security standards, conduct frequent checks, and continuously monitor and audit to ensure the security of customers' data.