Platform Security
Semvar prioritizes the security and protection of your data through comprehensive security measures implemented at every level of our platform.
Encryption in Transit
The platform secures all data in transit using industry-standard Transport Layer Security (TLS) version 1.2, ensuring robust protection against unauthorised access.
Encryption at Rest
All data is automatically encrypted at rest using AES-256, providing robust protection for all disk data.
Sensitive Data & Password Hashing
We never store passwords or other critical information in plain text. Instead, passwords are securely hashed using bcrypt with a cost factor of 10, and application-level encryption can be applied where appropriate to further protect customer data.
Backups
Automated daily backups are stored securely and encrypted at rest. Customer data is never kept on local developer machines or unmanaged storage; all data resides in secure, cloud-hosted infrastructure with controlled access.
Data Centres
Our standard infrastructure is hosted on Amazon Web Services (AWS) in the eu-west-1 region (Ireland), ensuring EU data residency and compliance with data protection regulations.
Geo-located data centres in other regions are available on request to meet specific compliance or latency requirements.
User Access Controls
User access is invitation-only, and each invitation is initiated by an existing authenticated user. Role-based access control (RBAC) is implemented across the platform so that users only have access to the resources and actions appropriate to their roles.
Single sign-on (SSO) is available upon request for enterprise users, with additional charges applicable.
Multi-Factor Authentication (MFA)
Two-factor authentication (2FA) and multi-factor authentication (MFA) are available to enhance account security. They can be configured as optional or mandatory at the organization level, depending on your security requirements.
Password Policies
Semvar enforces robust password security through configurable policies:
Minimum Complexity Requirements
- Minimum 8 characters in length
- Must contain at least one uppercase letter
- Must contain at least one lowercase letter
- Must contain at least one special character
Password Rotation
- Optional automatic password rotation every 90 days
- Configurable per organization
- Users receive advance notifications before password expiration
- Grace period options available for seamless transitions
Password policies can be customized to meet your organization's specific compliance and security requirements.