Enterprise-grade Data Security & Privacy

We take security very seriously at Veris and safeguarding customer data is our most critical responsibility. Our security program is aligned with the ISO 27001 standards as well as industry best practices such asn OWASP top 10 and GDPR. All customer data is hosted on SOC2 certified AWS Data Centers, globally

Schedule a demo

Key Principles of our Security

Security

Secure architecture, security best practices, application development and SOC2 data centers to ensure safety of customer data

Privacy

Our best-in-class platform complies with GDPR and CCPA and is powered by Secure Data Encryption and InfoSec Controls and processes

Availability

Resilient architecture and subprocessors to ensure highest uptime, availability and experience for customers and end-users

Application and Data Security

Secure by Design

Our product development follows our Secure SDLC and risk assessment leveraging OWASP Top 10 and privacy principles

Intrusion Detection & Prevention

Our infrastructure is continuously monitored and secured using firewalls, IDS and IPS tools to protect against unauthorized attacks.

Access Control

We offer role-based access through IAM which enforces segregation of duties, two factor authentication and end-to-end audit trails.

Tier 4 AWS Data Centers

Our data and application are hosted on AWS infrastructure with multiple availability zones and are secured via the shared responsibility model of AWS.

Regular Penetration Testing

Regular penetration testing is conducted by experts to plug any security loopholes in the system during continuous updates.

Data Privacy & GDPR Readiness

Encryption

Veris deploys Industry-accepted data encryption to protect, shield and secure customer data and communications during transmissions as well as storage level.

GDPR Ready

We are committed to complying with GDPR in providing services to our customers as a processor and to ensuring that our customers continue to use our services while complying with the GDPR.

Duty Segregation

Stringent access controls ensure restricted access to a limited set of users in production based on the principles of least priviledge. Access is logged, monitored and reviewed continuously

Certification & Compliance

We do not share or access your data without prior permission. We strictly adhere to global standards of information security and are certified with ISO 27001 and ISO 9001.

User Consent & Data Retention

Veris allows customers to display their privacy notice and collect consent from its users. Veris customers can configure retention policies to comply with GDPR and CCPA.

Secure Data Processing

As per GDPR, Veris acts as a data processor, processing customer data securely. All Veris sub-processors undergo stringent security and privacy review before being onboarded.

Resilient Architecture for High Uptime

Load balancing & availability

Veris ensures high availability and uptime using elastic load balancing, auto-scaling and distributing traffic across multiple availability zones via AWS elastic cloud and Lambda Services.

Data Backup & Disaster Recovery

Data is regularly backed up, stored and encrypted using AWS Backup Services. Multi-AZ deployments ensure fully automatic recovery in case of failures. DR tests are conducted monthly.

Proactive Monitoring

Veris continuously monitors the infrastructre using New Relic and other tools. Proactive capacity management is in place to increase capacities when needed in a highly elastic manner.

Incident & Breach Management

Procedures are established for reporting incidents, and tracking it for timely communication, investigation and resolution.