We are serious about your security.
The security of your data and earning your trust is core to our culture, processes and everything we deliver.
Protecting your data
Data that is transferred between your apps and our servers is encrypted using SSL. We work to maintain the highest standards for encryption in our applications and browsers we support. We disable support for older encryption standards that are no longer considered strong. This is one reason that we drop support for older browsers aggressively. Read more about our browser support policy.
Data center security
Ensos and your data are hosted on Amazon Web Services (AWS), a highly scalable cloud computing platform. Amazon takes physical and network security seriously. You can read more about the specifics of their approach at https://aws.amazon.com/security/.
You choose who to invite to your Ensos account and the permissions they have. Our team do not have access to login to your account. On rare occasions, it may be that we can better assist in investigating a problem you are having with Ensos if we can access some part of your data in readable form. We would always ask your permission before taking this action and the process requires authorization and coordination across multiple personal and security layers internally.
We protect and support
Keeping systems safe is part of our daily life here at Ensos. We have strict internal policies and processes to keep our team and their kit safe, to protect our assets, and to limit access to sensitive systems and infrastructure to key staff on a needs-only basis.
Backup and availability
Our systems automatically replicate your data across multiple locations in real-time to maximise availability. In addition, data is further backed up hourly to ensure we can restore access to your data and the service in the unlikely event that all locations suffer complete failure. Our monitoring alerts us to any trouble and we have staff on-call at all times to quickly resolve unexpected incidents.
Updates and external review
We update Enos most days and aim to deliver our customers with the most secure and stable version of our apps. We monitor security advisories and other security community output closely. We work promptly to upgrade the service to respond to potential new threats and vulnerabilities as they are discovered. We work with certified independent specialists on a regular basis to undertake systems penetration testing and source code reviews.
Credentials such as passwords and API keys are strongly encrypted. We maintain PCI-DSS certification for payment collection. We do not store credit cards on our systems.
Concerns or want to contact us?
For concerns that are urgent or sensitive, please email us on our sensitive support channel firstname.lastname@example.org so that it can be handled promptly by our security team.