---
title: Security and compliance
description: Security and compliance
---

# Security and compliance

 Infoveave is built on a strong foundation of security & compliance. The platform aligns
 with key compliance standards and includes built-in help resources for ease of use.

| <span style="background-color: #f0f8ff; padding: 5px; border-radius: 3px;">CATEGORY</span> | <span style="background-color: #f0f8ff; padding: 5px; border-radius: 3px;">DETAILS</span> |
|---------------------------------|---------|
| **Authentication**              | • BCrypt-based one-way password encryption.<br/>• Two-step password reset process.<br/>• User lockout on multiple invalid login attempts.<br/>• Multi-factor authentication.<br/>• Integration with Okta and Entra. |
| **Role-based Access Control (RBAC)** | • Fine-grained permissions at the application, module, and feature level.<br/>• Data context-based access to users.<br/>• One-way hashing & reversible encryption at user level to control access to sensitive data. |
| **Audit Log**                   | • Audit logs on user access to various assets and for every action performed.<br/>• Version history of queries, workflows, user-entered data, and visual comparison across all versions. |
| **Backup and Disaster Recovery** | • Multi-region deployments with automated failover.<br/>• Data backup on the cloud and on-premise based on client needs.<br/>• Defined and documented business continuity process with annual tests for recovery. |
| **Product Help and Support**    | • In-app guided feature walkthroughs.<br/>• Searchable online product help with video tutorials.<br/>• Email-based support. |
| **Compliance and certification** | • ISO 27001:2022, SOC2 Type II compliance.<br/>• ISO 27701*, ISO 27017*, HIPAA*, CCPA*, GDPR*.<br/>• CERT-IN Certified Vulnerability & Penetration Tested.<br/>• EcoVadis rated as 'Committed' for sustainability. |