Narmada Security Practices

That’s why we’re building our company, product, and services to be highly secure and trustworthy from the start. We hope you’ll join us.

Data Security

  • Data is encrypted at rest and in transit.
  • Access to the back-end and front-end is protected by MFA and strong passwords.
  • Regular backups are performed using multiple redundant solutions.
  • Customer data is never moved outside of Azure hosted and encrypted environment.

Data Retention

  • Data is retained for certain amount of time for recovery requirements.
  • At the request of the client, data can be purge from all storage location to comply with GDPR or other compliance requirements or in the vent of contract termination.

Application Security

  • Regular patching is performed.
  • External and internal vulnerability scans are performed.
  • Penetration tests are performed.
  • We follow OWASP best practices.

Physical Security

  • All systems and data is physically stored in Azure data centers:
  • Azure East region for the US instance with replication to Azure West region.
  • Germany West for the EU instance with replication to Azure UK.
  • Physical security is provided by Azure datacenter staff.

Security Awareness

  • Security and privacy policies are regularly reviewed and updated to stay abreast of new threats.
  • All staff is regularly trained and screened.