Security
How we protect your data and our infrastructure.
Infrastructure Security
Erns is hosted on SOC 2 Type II certified cloud infrastructure. All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Our infrastructure is monitored 24/7 with automated threat detection and incident response.
Authentication & Access
We use Clerk for enterprise-grade authentication with support for multi-factor authentication (MFA), SSO via SAML/OIDC, and session management. API keys are hashed using bcrypt and never stored in plaintext.
Data Protection
Your financial data and personal information are stored in encrypted databases with strict access controls. We follow the principle of least privilege — employees access only the data they need to do their jobs. All access is logged and audited.
Compliance
- ✓ SOC 2 Type II Certified
- ✓ GDPR Compliant
- ✓ CCPA Compliant
- ✓ Regular Penetration Testing
Vulnerability Reporting
We appreciate responsible vulnerability disclosure. If you discover a security issue, please report it to security@tychefinancials.com. We respond to all reports within 24 hours and offer a bug bounty program for qualifying vulnerabilities.
Questions
For security-related inquiries, contact security@tychefinancials.com.