Welcome to our Trust Center.
The EASE platform has been designed for 360° security. We’re dedicated to keeping
your company and user data safe, while ensuring you have complete transparency of our security policies.
Compliance is a top priority.
The EASE platform is fully compliant with SOC II, GDPR, and ITAR standards, demonstrating our commitment to setting the highest security standards and building best-in-class practices. Every year, we validate our security with 3rd party application and penetration testing against our production environments.
User & device authentication.
When users log in, an authentication token is issued with a limited valid lifetime that varies according to environment and device type. The EASE platform also supports Single Sign-On (SSO) with most Identity Providers (IdP) to enable advanced authentication services like MFA.
Authorization & access controls.
Our web pages and web service API calls require an authenticated identity and specific role membership(s) for a user to access certain resources — based on your administrator’s assignment of permissions to a specific user.
Rock-solid account protection.
User passwords are stored securely in our database using a one-way hash value, making decryption impossible. We enforce minimum password rules during changes. Authentication is fortified against CSRF with token usage, and our system implements throttling to prevent DDoS attacks.
Traffic & document encryption.
Web browser access via TLS v1.2 is used to encrypt data traffic between the users and EASE. All traffic between users and our platform is encrypted in transit. We review our SSL ciphers regularly and disable any weak ciphers. And all documents and attachments are automatically encrypted using the AES-256 encryption process.
