Cloud Security</li> <li>Physical Protection</li> </ul> <p>Key to our incident prevention strategy are identifying what data we need to protect, where that data resides, and who requires access.&nbsp. Information assets include data that has value to our business, including business intelligence, customer data, passwords, keys, etc.&nbsp. Such assets are protected in part by appropriately provisioning access based on the needs of the specific job function or role.&nbsp;</p> 7.1 Data Protection and Encryption <p>Customer access is protected with Multi-Factor Authentication (MFA) and/or Single Sign On (SSO). Customer data is encrypted at rest using AES256 and browser client communication is encrypted with a minimum of Transport Layer Security (TLS 1.2). Passwords are stored with a SHA256 salted hash format.</p> 7.2 Network and Infrastructure <p>Our services are hosted on the three major cloud providers with hosting data centers in the U.S. Our use of automation throughout our operations minimizes the need for “human touch” to critical systems and data, further minimizing risk vectors.</p> <p>