‍

Trust

Companies trust Handoffs Inc. with their data. The main goal of our dedicated InfoSec Team is keeping your data safe and secure. We leverage enterprise-class security features, third-party penetration tests, compliance audits, and infrastructure best practices to ensure our customers and their data are always protected.

‍

Data Encryption

We protect the confidentiality of all your data, backups, and tokens via AES 256-bit encryption.

‍

Advanced Password Protection

Passwords are hashed and salted to protect them from password cracking methods, such as rainbow-table and reverse-engineering attacks.

‍

Data Backups

Handoffs Inc. has encrypted automatic backups utilizing Write Once Read Many (WORM) storage which renders the backups tamperproof.

‍

Data Center Security

Handoffs Inc. with Amazon AWS, which provides our customers with extra network and server security. The facilities are top of the line and audited for compliance and industry best practices.

‍

IT & Network Security

All communications between your browser and graceam.com are encrypted via HTTPS/TLS v1.3.

‍

Site Availability

DDoS protection is defaulted for all customers to maintain the uptime of our service against attacks.

‍

SSO & 2FA

Login via Google Authentication as an added layer of security to protect fraudulent access to your account.

‍

Data Retention

Handoffs Inc.’s app provides flexible data retention policies designed to fit your needs.

‍

Real-Time Monitoring

Handoffs Inc. uses best-in-class software and processes to ensure that malicious actors are unsuccessful in gaining unauthorized access to our platform and your data.

‍

Threat Prevention

To detect and prevent suspicious activity, Handoffs Inc. utilizes industry-leading cybersecurity technology to build intelligent models of normal/expected behavior. Handoffs Inc. employs system monitoring for network-based and host-based Intrusion Detection (IDS) and has Intrusion Prevention (IPS) systems to detect anomalous and/or malicious traffic on our networks and systems.

‍

SOC 2 Certified

Handoffs Inc. is pending an independent third-party SOC 2 certification which means our processes and operating effectiveness of our security controls are continuously audited.

‍

GDPR Compliant

Handoffs Inc. is compliant with the General Data Protection Regulation (GDPR) which applies to citizens of the European Union. To view our Data Processing Addendum (DPA) please visit https://graceam.com/dpa

‍

PCI Compliant via Stripe

Handoffs Inc. uses Stripe.com and is compliant with the Payment Card Industry Data Security Standard (PCI DSS).

‍

CCPA Compliant

Handoffs Inc. is compliant with California Consumer Privacy Act (CCPA) regulations.

‍

Pen Testing

Handoffs Inc., network, and assets undergo regular penetration testing by in-house security experts and independent third parties to ensure that our data is secure and protected.

‍