Security as a company value.

We take security seriously.

We establish policies and controls, monitor compliance with those controls, and prove our security and compliance to third-party auditors.

Data is protected and compliant

SOC2 Certified

Untether’s security posture has been certified according to the Trust Services Criteria (TSC) covering security, availability, processing integrity, confidentiality and privacy.

HIPAA Compliant

Untether is compliant with US Health Insurance Portability and Accountability Act (HIPAA) - includes privacy, security, breach disclosures and the physical safeguards.

Infrastructure Security

Untether is regularly audited by third-party reviewers, penetration testers and monitors the configuration infrastructure with our cloud providers with best practice.

Enterprise Security Monitoring

Security Development

Untether engineers rigorously review all code changes, write abstractions to minimize mistakes, harden all deployment infrastructure, and maintain strict corporate security policies. Also utilize static analysis, vulnerability management, and dependency management tools throughout the development lifecycle.

Secure Storage

Untether encrypts and secures data at rest utilizing AES-256 encryption, and for data in transit relies on TLS.

Penetration Testing

Untether engages industry-leading firms to perform annual tests, using a mix of dynamic fault injection and in-depth study of source code. Includes testing scanning ports, SQL injections, and cross-site scripting.

Incident Response

Untether rapidly investigates and responds to all reported security issues. Issues reported by our status page.

Data Access & Privacy

Access is limited to only those with a legitimate business need and granted based on the principle of least privilege. See our Privacy Policy.

Organizational Security

All Employees and contractors undergo background checks prior to being engaged or employed by us in accordance with laws and best practice. Everyone signs Confidentiality or Non-Disclosure Agreements (NDAs).

Security Tools

Availability is tracked on our Untether Labs status page.

Vulnerability scanning done by Snyk.

Device Management by Rippling. Secrets management by Doppler.

Have security questions?

Request docs or help us by reporting any potential issues.