How secure is Multiplier?
We take our responsibility to protect your data seriously and place security at the heart of every decision we make.
The entire platform uses 256-bit encryption and HTTPS / SSL for securely transmitting data.
Multiplier is built on top of AWS. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate
- Sarbanes-Oxley (SOX)
What kind of data do we store?
The only data that we store are your Okta / Azure AD credentials (URL and the API token). These are encrypted client side, and then encrypted at rest using keys stored in AWS KMS.
Where is the data stored?
The data is stored in AWS, in the US East (Ohio) region.
What kind of access to the data do internal employees have?
Only the founders have access to the AWS console. Every single change made in AWS is logged using AWS CloudTrail.
Do you have a confidentiality agreement?
Our confidentiality agreement is outlined under section 14 on https://docs.multiplierhq.com/article/7-end-user-license-agreement
What sort of audits have you gone through?
We adhere to all of the security requirements enforced by Atlassian for cloud apps, outlined here.
In addition, we're enrolled in Atlassian's security self assessment program for marketplace apps. We're currently in the process of getting our SOC2 audit.