Three key factors of security -- access control, authentication, and encryption -- are employed throughout the Vero infrastructure to keep customer data safe and secure.
Access control, both physical and virtual, limits those who can access data in any form to a small number of key personnel who are responsible for service operations, such as troubleshooting, applying security patches, and regular backups. And all such access is logged for audit purposes in cryptographically unalterable ledgers.
Authentication measures control what (devices) and who (users) can access specific "partitions" of data, separated by customer, for which Vero employs industry-standard expiring token-based authentication methods.
Encryption of data, using proven TLS encryption for data in transit and AES encryption of data at rest (including archived backups), adds an additional layer of security by preventing access to or compromise of (either intentional or accidental) customer data without proper authentication.