Skip to content

Your Security Is Our Priority 

Our team takes every measure possible to ensure your data is protected and safe.

Twosense is SOC 2 Type II Compliant

This achievement indicates that our handling and processing of customers’ data meets key security standards. The protection of customer data is the highest priority for our team, and we’re committed to building a robust security & compliance program. 

Artboard 2

Data Center and Network Security

Twosense hosts all its software in Amazon Web Services (AWS) facilities in the USA. Amazon provides an extensive list of compliance and regulatory assurances, including SOC 1-3 and ISO 27001. See Amazon’s compliance and security documents for more detailed information.

100 percent of Twosense's primary application servers are located within Twosense's virtual private cloud (VPC), protected by restricted security groups allowing only the minimal required communication to and between the servers.

Application Security

Our applications and services are built with various third-party technologies which are automatically monitored for vulnerabilities and patched promptly when discovered.

Twosense conducts application penetration testing by a third party at least annually in addition to Twosense's continued internal testing and review program.

Artboard 3
Artboard 4

Data Security

All connections to Twosense are encrypted using TLS, and any attempt to connect over HTTP is redirected to HTTPS.

All customer data is encrypted at rest and in transit. We rely on AWS infrastructure to securely maintain our cryptographic encryption keys.

We use industry-standard AWS-managed PostgreSQL RDS and Redshift data warehousing systems.

Security and Development Practices

The design of all new product functionality is reviewed for security impact, with Twosense conducting mandatory code reviews for all changes to the code. Twosense development and testing environments are separate from its production environment. All code development is done through a standard process.

Our infrastructure is defined and deployed using infrastructure-as-code tooling, including Terraform and Cloudformation, with all changes tracked and reviewed before deployment.

Vulnerability Disclosure Process- At Twosense, we prioritize the security of our systems and the protection of our customers’ data. To ensure the effectiveness and responsibility in the handling of security vulnerabilities, we have established the following responsible disclosure policy: