Built with security at the core

Security is of the utmost importance at Metomic and is in the roots of our culture. It is our goal to help companies remove security threats, without adding new ones. We take extra steps to initiate the best security practices across the data layer, tech layer, product layer, and organisational layer.

Metomic is SOC 2 compliant.

Data layer

Secure architecture

Metomic cryptographically hashes data to remove its sensitivity. It means that you can see your data risks, but no one else can - helping you decrease the risks of a data breach, without adding new ones. We also apply principles of data minimisation, and destroy data when it's no longer needed.

Technology layer

End-to-end encryption

To ensure the security of your data, we regularly perform vulnerability scanning, patch management, and penetration testing. Data-at-rest and in-transit is encrypted — all network communication uses transport layer security (TLS) with at least 128-bit advanced AES encryption.


Controlled access

Security is incorporated into every step of our product development lifecycle - from initial feature design all the way through to code deployment. MFA provides an additional layer of security beyond your username and password. And you can control access to your Metomic account with fine-grained permissions.


Continuous awareness

All employees undergo background checks, and security awareness is a priority process in the onboarding of new workforce members. We follow the principle of least access, by providing employees with the minimal access necessary for their job functions, as well as regularly that philosophy across all infrastructure.

"At Metomic, security is fundamental to our product, technology, culture. We're dedicated to protecting our customers' data by embedding security and privacy throughout all levels of the organisation, and always striving to improve."

Rich Vibert, CEO at Metomic