DocumentationSecurity overview
Security
Security Overview
Enterprise-grade security with AES-256 encryption, SOC 2 certification, GDPR compliance, audit logging, and annual penetration testing.
SOC 2 Type II CertifiedGDPR CompliantCCPA CompliantHIPAA Available
Data Encryption
- AES-256 encryption at rest for all customer data
- TLS 1.3 encryption in transit for all connections
- Encrypted database backups with 30-day retention
- Secure key management with AWS KMS
Access Control
- Role-based access control (RBAC) with 5 default roles
- Multi-factor authentication (MFA) via TOTP or SMS
- Single sign-on (SSO) with SAML 2.0 and OAuth 2.0
- IP whitelisting for enterprise accounts
Compliance & Certifications
- SOC 2 Type II certified (annual audits)
- GDPR compliant with data portability and deletion
- CCPA compliant for California residents
- HIPAA compliance available for healthcare customers
Infrastructure Security
- AWS cloud hosting with 99.9% uptime SLA
- Daily automated backups with point-in-time recovery
- DDoS protection and web application firewall
- Intrusion detection and automated threat response
Audit & Monitoring
- Complete audit logs for all data access and changes
- Real-time security monitoring and alerting
- Annual third-party penetration testing
- Quarterly security reviews and vulnerability scans
Continue learning
Explore more resources
ProFlow360 CRM security for service businesses
ProFlow360 protects customer data with enterprise-grade security including AES-256 encryption at rest, TLS 1.3 encryption in transit, SOC 2 Type II certification, GDPR compliance, role-based access control, audit logging, and annual third-party penetration testing. Our security program follows industry best practices and is regularly audited by independent security firms.