Index

Data security

Data encryption

Data in transit

• All data transferred between the user's browser and Central’s servers is encrypted in transit. Central uses TLS v1.2+.

Data at rest

• Data is encrypted at rest using AES-256 key encryption with key material managed by AWS Key Management Service (KMS).
• Customer documents and database fields may use a second layer of AES-256 encryption with customer-specific keys.

Data center security

Data center provider

• Central uses Amazon Web Services (AWS) to host its production servers and supporting services.
• Central uses Neon (neon.tech) for hosted Postgres databases. Neon uses AWS to host it’s service and database instances.

Data availability

Backups

• Central’s production systems and data are backed up on a regular basis. We run through a checklist to verify data is recorded and usable. Backups are tested on a periodic basis.