Security & Privacy
Data security is vital to operations at Monterey AI
Monterey AI implements various controls compatible with modern standards that ensures we maintain healthy practices, monitor systems, and address vulnerabilities. We are currently working towards our SOC 2 Type II certification and will provide the report to customers once available.
We also will grant access to our Trust Report by requesting access here.
Data is encrypted at rest, whether application data stored in our primary SQL database, or customer assets stored on S3. Access tokens and other sensitive keys stored on behalf of users are additionally encrypted by the system when possible as an extra layer of protection.
Data in transit is encrypted using TLS and the application is accessible over HTTPS and will direct users automatically from HTTP to HTTPS to ensure their browsing is secure.
Application secrets are encrypted and stored securely via AWS Parameter Store. Access to secrets is limited to machine users needed for deployment and operation of services as well as human users that need to manage them.