Security Policy

Compliance & Security Certifications

Middleware successfully completed the AICPA SOC2(Service Organization Control) audit.

The audit was performed by Prescient Assurance & confirms that Middleware’s information security practices, procedures, policies and operational pipeline meet the SOC2 standards for security. 

The continuous compliance under SOC2 principles across our organization is monitored by Vanta.

Our current & prospective customers can request access to the audit report by reaching out to our security & privacy email after accepting NDA terms.

Secure Operational Practices

Middleware’s standard operational practices make sure that Confidentiality or Non-Disclosure Agreements (NDAs) are signed by all employees and contractors, who have a need to access sensitive or internal information. 

Middleware’s support team accesses application data only for maintenance, application health and upon customer’s request if needed to provide support.

Secure Software Development

We build security into our DNA:

  • Secure development lifecycle enforced at every phase
  • Mandatory design reviews for proactive threat mitigation
  • Continuous team training in the latest security best practices
  • OWASP Top 10 adherence for comprehensive web app protection

Security Testing Practices

Middleware safeguards & mitigates potential threats with rigorous security testing:

  • Regular penetration testing and vulnerability scans on production environments.
  • In-depth code analysis (static and dynamic) including open-source libraries.

Cloud Security

Middleware Cloud is hosted on Amazon’s AWS servers (data center in India).

  • Individual Data Storage: Each account's data is securely isolated, ensuring privacy and preventing any cross-contamination.
  • Secure Access: Every request is rigorously verified before any data access is granted – unauthorized attempts are blocked.
  • Robust Encryption: Your data is encrypted both when stored and during transmission, safeguarding it from prying eyes.
  • Reliable Backups: Daily backups of your data are encrypted and securely stored on the trusted Amazon Web Services platform, with a 7-day retention for disaster recovery.

Contact Us

If you have any questions about this Privacy Policy, please contact us by email: contact[at]middlewarehq[dot com].