How we keep Cased and your data safe
All of our data and servers are hosted in physically-secure Amazon Web Services facilities, featuring world-class on-site security and monitoring.
We store and transmit all your data using industry-standard AES-256 encryption. Cased API endpoints can only be accessed via HTTPS.
We activitely monitor our systems for attempted network intrusion, attempted data access, and more.
Cased Audit Trails provides easy-to-use, built-in API features that allow you to specify data as sensitive, hiding it by default in the Cased UI and requiring a reason for access.
The Cased client is a light-weight Python application that runs only when invoked when a user attempts to run a guarded application. It works without sidecars and agents, reducing risk. It has minimal access to your system, and it is distributed transparently via industry-standard package managers.
We protect all our deployments and sensitive data access with Cased CLI, enjoying the benefits of peer approvals and a detailed audit trail of all actions.
All employees, whether directly involved in engineering or not, are required to undergo full security training, including phishing awareness, protection of devices, and more.
We manage all employee devices through a central MDM product, and use continuous monitoring of systems for endpoint protection.
Cased is fully HIPAA compliant and can store and transmit sensitive medical data for our customers and your customers.
Cased has nearly completed its SOC 2 Type II audit, and can provide documentation of relevant processes and controls.