Security Policy

Last updated: May 15, 2025

At Version Desk, we take the security of your data seriously. We are committed to protecting your information through a combination of technical, administrative, and physical measures.

Infrastructure Security

• Our servers are hosted in industry-standard cloud environments (e.g., AWS, GCP) with firewalls and network isolation.
• We use HTTPS encryption (TLS 1.2 or higher) for all data in transit.

Application Security

• Regular code reviews and automated security testing.
• Role-based access control to restrict sensitive actions to authorized users.
• Input validation and protection against common vulnerabilities (e.g., XSS, CSRF, SQL Injection).

Data Protection

• Customer data is encrypted at rest and in transit.
• Backups are performed regularly and stored securely.
• Access to production environments is tightly controlled and logged.

Authentication & Account Security

• Passwords are hashed using bcrypt or better.
• Support for multi-factor authentication (MFA).
• Session management to prevent hijacking and unauthorized access.

Incident Response

We have a dedicated process for responding to security incidents. If we detect unauthorized access or data exposure, affected users will be notified promptly.

Reporting Vulnerabilities

If you believe you've found a vulnerability in Version Desk, please report it responsibly by emailing security@versiondesk.com.