Metomic cryptographically hashes data to remove its sensitivity. It means that you can see your data risks, but no one else can - helping you decrease the risks of a data breach, without adding new ones. We also apply principles of data minimisation, and destroy data when it's no longer needed.
To ensure the security of your data, we regularly perform vulnerability scanning, patch management, and penetration testing. Data-at-rest and in-transit is encrypted — all network communication uses transport layer security (TLS) with at least 128-bit advanced AES encryption.
Security is incorporated into every step of our product development lifecycle - from initial feature design all the way through to code deployment. MFA provides an additional layer of security beyond your username and password. And you can control access to your Metomic account with fine-grained permissions.
All employees undergo background checks, and security awareness is a priority process in the onboarding of new workforce members. We follow the principle of least access, by providing employees with the minimal access necessary for their job functions, as well as regularly that philosophy across all infrastructure.