Safety and privacy is our priority
Last updated on April 2024. Clovers’ success as a solutions provider relies on earning and keeping your trust. We have embedded security into every step of our development.
Keep reading to learn about our security practices and how you can support data safety too.
How Clovers protects your data
Secure data handling
We take data management very seriously. We classify all data, and our employees are trained in the proper handling of your (and our) data. Employees are granted access to systems that hold data on a “need-to-know” basis (i.e. if it’s required to do their job). Employees with access to systems that hold your data use strong passwords and multi-factor authentication.
Data encryption
We maintain up-to-date framework releases, use tried-and-tested modules, and apply fundamental security considerations to every aspect of our software design.
- SSL Encryption is used throughout our application
- All data is encrypted in transit
- All databases and database backups are encrypted at rest
Active monitoring
We continuously monitor for security issues within our technical stack. We utilize multiple types of logging to track the live (and past) state of our application to detect and recover from any security events. We maintain a list of our vendors’ security policies and monitor for security breaches that could lead back to our application. If needed, we deploy patches as quickly as possible.
- Continuous resource and infrastructure access monitoring
- Third-party web property scanning
- Security testing throughout our release process
- Annual employee privacy and data security training
Limited team access
We limit access to our systems to only those who need it.
- Unique logins are required for all business-critical systems
- Defined access to different parts of our system
- Role-based access is regularly audited and updated
Clear standards
We have clear principles and policies that reflect a thoughtful approach to security and work.
- ISO 27001
- GDPR
- SOC II
Secure servers
All data is securely backed up on a regular basis. We never move user data out of the secured environment for testing or any other reason.
Simplified processes
We keep our technical stack, our application, and our business processes lean. We automate as many testing, deployment, and backup processes as possible to reduce the possibility of human error. All new code is reviewed by at least two people and evaluated against our secure coding standards. We regularly remove code that has reached the end of its usefulness to keep our application simple and secure.
Even more
This is not a comprehensive list of the security measures we have in place to safeguard your data. If you have any more questions, please contact us. We’re glad to address any questions or concerns at [email protected].
Ways you can help protect your data
Manage users manually
It can be easy to forget to remove users who no longer need access to the Clovers platform. This is an often overlooked source of unauthorized access to data. To prevent this, we recommend regularly reviewing users.
Learn about privacy settings
Different companies have different privacy settings. Clovers provides many options when it comes to privacy. You can review our privacy policy here. Use our application in a way consistent with your privacy preferences. Feel free to email us with any questions or concerns at [email protected].
Report security issues
If you believe you’ve found something in the Clovers platform that presents a security concern, please follow our Responsible Disclosure Policy. Contact [email protected] to report your findings.