Data Security Overview

Encryption, access controls, and infrastructure security.

Encryption

  • In Transit — all connections use TLS 1.2/1.3 (HTTPS enforced via HSTS)
  • At Rest — database storage uses AES-256 encryption (LUKS2)
  • API Keys — stored as bcrypt hashes, never in plaintext
  • Passwords — bcrypt-hashed with per-user salt

Access Controls

  • Two-Factor Authentication — TOTP-based 2FA available for all accounts
  • Tenant Isolation — each customer's data is strictly separated at the database level
  • API Rate Limiting — Redis-backed sliding window prevents abuse

Infrastructure

  • Hosted on AWS with firewall-restricted access
  • Only HTTPS (ports 80/443) exposed to the internet
  • All internal services communicate over private Docker networks
  • Regular security audits and penetration testing

More in Security & Privacy

Learn more: Revenue Leakage: The Complete Guide to Detection & Prevention

Ready to Find Your Revenue Leaks?

LeakShield AI uses autonomous agents to monitor your revenue streams 24/7 — detecting leaks, prioritizing by impact, and showing you exactly how to fix them.

Get Started