Enterprise Security

Security at
CitedMe

We take the security of your data seriously. Learn about the measures we implement to protect your information and maintain trust.

Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

Infrastructure

Hosted on AWS with SOC 2 Type II certification. Regular security audits and penetration testing.

Access Control

Role-based access control, multi-factor authentication, and audit logging for all actions.

Compliance

GDPR and CCPA compliant. We follow industry best practices for data protection.

Our Security Practices

Data Encryption

All data transmitted between your browser and our servers is encrypted using TLS 1.3. Data at rest is encrypted using AES-256, one of the strongest encryption standards available. Database backups are also encrypted and stored securely.

Infrastructure Security

CitedMe is hosted on Amazon Web Services (AWS) infrastructure that maintains multiple certifications. We use isolated VPCs, security groups, and network ACLs to protect our systems. Regular vulnerability scans and penetration tests are conducted by third-party security firms.

Authentication & Access

We support multi-factor authentication (MFA) for all accounts. Passwords are hashed using bcrypt with appropriate work factors. Employee access to production systems follows the principle of least privilege and requires VPN and MFA.

Monitoring & Incident Response

Our systems are monitored 24/7 for security anomalies. We maintain an incident response plan and conduct regular drills. In the event of a security incident, affected customers will be notified within 72 hours as required by GDPR.

Employee Security

All employees undergo security training and background checks. Access to customer data is strictly limited and audited. Employees use company-managed devices with endpoint protection and encryption.

Certifications & Compliance

SOC 2 Type II
GDPR Compliant
CCPA Compliant
ISO 27001 (In Progress)

Report a Security Vulnerability

We appreciate the security community's efforts in helping us maintain a secure platform. If you discover a security vulnerability, please report it responsibly.

security@citedme.com

Frequently Asked Questions

Where is my data stored?

Your data is stored in AWS data centers in the United States. Enterprise customers can request data residency in specific regions.

How long do you retain my data?

We retain your data for as long as your account is active. Upon account deletion, data is removed within 30 days. Backups are purged within 90 days.

Can I export my data?

Yes, you can export your data at any time from your account settings. We provide exports in standard formats (JSON, CSV).

Do you have a bug bounty program?

Yes, we run a private bug bounty program. Contact security@citedme.com for more information.