Enterprise-grade security, by default
Your operational data is critical. We've built Enigma Suite with security at every layer — from infrastructure to application to organizational practices.
How we protect your data
Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256. Keys are managed through a dedicated key management service with rotation policies.
Access Controls
Role-based access control (RBAC) with granular permissions. Multi-factor authentication (MFA) available for all accounts. Session management with configurable timeouts.
Infrastructure
Hosted on enterprise cloud infrastructure with SOC 2 Type II compliance. Data residency options for US, Canada, and Mexico. Redundant systems with automatic failover.
Application Security
Regular penetration testing by independent security firms. OWASP Top 10 protections built in. Web Application Firewall (WAF) protection. DDoS mitigation.
Incident Response
24/7 security monitoring with automated threat detection. Defined incident response procedures with SLAs. Customers notified within 72 hours of any confirmed breach affecting their data.
Compliance
SOC 2 Type II, GDPR-aligned practices, LFPDPPP (Mexico), PIPEDA (Canada). Regular third-party audits and security assessments. Data Processing Agreements available.
Report a vulnerability
We take security reports seriously. If you discover a vulnerability in Enigma Suite, please disclose it responsibly to our security team.
Email security@enigmasuite.com with details
Our team will acknowledge within 24 hours
We investigate and provide a timeline
Credit given to responsible reporters
Security contact
security@enigmasuite.com
PGP key available on request. Please do not disclose vulnerabilities publicly before our team has had a chance to address them.