Security

Clean Hands – Safe Hands recognizes the importance of taking effective safety measures to ensure a high standard of protection for customers, prospects, and partners.

Looking to report a security concern? Please visit our Responsible Disclosure page.

Security Program Highlights

Data Security

Clean Hands – Safe Hands encrypts data at rest and in transit for all customers. We use tools like Amazon Web Service’s Key Management System (KMS) to manage encryption keys using hardware security modules for maximum security in line with industry best practices.

Application Security

Clean Hands – Safe Hands, on a regular basis, uses automated third-party penetration testing. This testing evaluates the running application and the deployment environment.

Additionally, we use static analysis tooling integrated in our developer’s toolset and those provided by GitHub Advanced Security like Secrets Scanner and Dependabot to secure our product at every step of the development process.

Infrastructure Security

Clean Hands – Safe Hands uses Amazon Web Services to host all aspects of our application. We make full use of the security products within AWS including KMS (encryption), GuardDuty (monitor suspicious behavior) and Inspector (server vulnerabilities).

The IT infrastructure that AWS supplies to its customers is designed and managed in alignment with security best practices and a variety of IT security standards including, SOC2, SOC3, FISMA and FedRAMP, PCI DSS, ISO 9001/ISO 27001 and others.

We use automation wherever possible, from building environments to handling software deployments, to ensure consistent operation.