We help keep your data secure in the cloud or on-premises. For highly sensitive data and restricted workloads, we work with cutting edge cloud services providers to host your data in compliant regions like AWS GovCLoud (US) and Microsoft Azure Government.
We use the most advanced industry-standards for authentication and authorization. Both on-premises or in the cloud, we can help your team restrict access to sensitive data down to the most granular level.
For our SaaS offering we use Amazon RDS for PostgreSQL and isolate the database inside a virtual private cloud that can only go through our app's endpoint. We then further silo specific actions coming out of our endpoint into specific access tiers enforced at the RDS level (most Verve users are performing actions that connect to the database with a database account that can't write to the user table for example). Our AWS GovCloud RDS deployments are single-tenant instances; you wouldn't share a database with any other customers. We also regularly evaluate our web application security using Zed Attack Proxy, and enforce internal corporate endpoint security policies.
At rest or in transit, make sure your data remains encrypted with government standard cryptographic modules.