We are committed to protecting the confidentiality and security of your information. We understand the sensitivity of your data and assure you that this information will remain strictly confidential.
Pentane will never disclose, share, or sell your, or any, related financial data to any third party, except as required by law or with your explicit consent. We employ stringent security measures to safeguard your data and ensure it is used solely for the purpose of providing our services to you.
OAuth Connections:
Pentane uses OAuth, a secure authorization protocol, to connect limited company data without sharing your credentials. When you initiate an OAuth connection, you're redirected to the authentication page of the service you're connecting to, where you’ll enter your credentials directly.
This process ensures that Pentane never sees or stores sensitive information like passwords. After successful authentication, a secure token is issued, granting limited access to company data based on your permissions.
These tokens are securely stored within Pentane, used only for necessary API interactions, and can be revoked by you at any time, maintaining full control and security over your data.
Below are just a few, not all, of the protocols we have implemented:
- Only key members of Pentane operation and security team have access to Pentane data.
- Customer data never leaves AWS cloud.
- Firewalls protect all network traffic in the datacenter. These firewalls use AWS managed policies along with custom firewall rules.
- Intrusion detection and prevention software is installed and running on all servers at all times.
- All network traffic is monitored in real time for abnormalities and known bad actors.
- All data in transit is encrypted using TLS 1.3. The TLS cert is renewed at least annually.
- All data at rest is encrypted using AWS 256 encryption.
- All backups are encrypted and stored within AWS cloud.
- Customer data is backed up daily and stored.
- Backups and DR systems are located in a geographically distant datacenter.
- Backups and DR are tested annually.