Our clients rely on Cruxx to protect their data, and we take that trust very seriously.
Our approach to information security and data privacy considers people, processes, and technology. Our services are hosted on Amazon Web Services, a cutting-edge datacenter that employs advanced architectural and engineering practices. Amazon's datacenters are verified for compliance with numerous stringent standards, regulations, and frameworks.
At Cruxx, we are committed to maintaining the highest standards of privacy and security for our customers. Our approach to privacy and security is comprehensive, incorporating advanced technologies and best practices to protect your information at every step.
We never share or mix your data with other clients, ensuring complete confidentiality and peace of mind as you leverage our insights.
No other 3rd party vendor or tech provider stores your data. Your data stays protected and under our strict controls.
When sending data to LLMs for processing, Cruxx redacts all brand names and sensitive information, keeping your data anonymous and secure.
If you share Personally Identifiable Information (PII) of your customers with Cruxx, we do not share that with any third party vendor or tech provider.
Authentication — Users authenticate via login credentials. User passwords are protected by the latest recommendations for strong encryption and hashing (AES-256 and bcrypt).
Access Controls — Our system has a multitenant architecture that logically separates customer data through access control based on company, users, and roles. All customer accounts are assigned a unique ID which allows access only to services and data consistent with the privileges assigned.
Redundant and Scalable Infrastructure — Cruxx data and services are deployed across geographically distributed availability zones managed by Amazon Web Services. Our scalable infrastructure ensures high availability by distributing application loads across resources.
Encryption — We use the latest recommended secure cipher suites to encrypt all traffic in transit, including TLS 1.2 protocol and SHA2 signatures for data traveling between clients and Cruxx services, as well as between Cruxx services over public networks. AES-256 bit encryption is used to protect application and customer data at rest.
Threat Monitoring — We employ technology and tools to detect and alert on potential network intrusions, command and control attempts, or system compromises. Our documented security incident response process includes escalation procedures, root cause analysis, impact assessment, and containment. We communicate promptly with affected customers, third parties, and authorities.
Recovery Capabilities — To ensure continuity in case of a regional outage, data is replicated across multiple availability zones. We perform complete data backups daily and observe proactive retention periods. Our backup restoration procedures are documented and tested regularly to ensure their effectiveness.
Design & Build Practices — We have a Software Development Lifecycle (SDLC) policy that guides engineers in following best practices for development and change control. Our code undergoes evaluation for design, functionality, and potential security vulnerabilities. Changes to the source code are managed through a standardized change management process. Along with automated and manual testing, our code is peer-reviewed before deployment to production.