SECURITY
SECURITY
Data
Data in transit
All data transferred between the user's browser and Central’s servers is encrypted in transit. Central uses TLS v1.2+.
Data at rest
Data is encrypted at rest using AES-256 key encryption with key material managed by AWS Key Management Service (KMS). Customer documents and database fields may use a second layer of AES-256 encryption with customer-specific keys.
Data center security
Central uses Amazon Web Services (AWS) to host its production servers and supporting services. Central uses Neon (neon.tech) for hosted Postgres databases. Neon uses AWS to host it’s service and database instances.
Data availability
Central’s production systems and data are backed up on a regular basis. We run through a checklist to verify data is recorded and usable. Backups are tested on a periodic basis.
DEVELOPMENT & TEAM
Access controls
Access to Central’s systems is limited based on employee roles and responsibilities. The principle of least privilege is enforced.
Testing and review
All changes to our application are subject to peer review and testing before being merged.
Separate environments
Central maintains segregated testing, development, and production environments.
Dedicated team
Central has a dedicated security team to enforce secure practices and respond to security incidents quickly and efficiently.
Policies
Central maintains a robust set of security policies that are updated periodically to meet the demand of an evolving security environment. Policies are communicated to employees and available for review at any time.
VULNERABILITY MANAGEMENT
Vulnerability scanning
Central uses AWS’ security tools to constantly scan our applications, systems, and infrastructure for potential security risks and vulnerabilities.
Code analysis
Central’s code repositories are regularly scanned for security issues using static code analysis.
Bug bounty
We welcome responsible disclosure from security researches, though Central does not offer rewards for user-submitted bugs at this time.
PRODUCT
Multi-Factor Authentication
Central allows you to add an extra layer of security to your account by enabling two-step verification, also called two-factor authentication. This reduces the risk of having your account accessed by anyone else. Central supports both SMS and TOTP two-factor codes.
Fraud monitoring
Central’s financial partners monitor customer accounts and transactions to help prevent fraud.
Data
Data in transit
All data transferred between the user's browser and Central’s servers is encrypted in transit. Central uses TLS v1.2+.
Data at rest
Data is encrypted at rest using AES-256 key encryption with key material managed by AWS Key Management Service (KMS). Customer documents and database fields may use a second layer of AES-256 encryption with customer-specific keys.
Data center security
Central uses Amazon Web Services (AWS) to host its production servers and supporting services. Central uses Neon (neon.tech) for hosted Postgres databases. Neon uses AWS to host it’s service and database instances.
Data availability
Central’s production systems and data are backed up on a regular basis. We run through a checklist to verify data is recorded and usable. Backups are tested on a periodic basis.
DEVELOPMENT & TEAM
Access controls
Access to Central’s systems is limited based on employee roles and responsibilities. The principle of least privilege is enforced.
Testing and review
All changes to our application are subject to peer review and testing before being merged.
Separate environments
Central maintains segregated testing, development, and production environments.
Dedicated team
Central has a dedicated security team to enforce secure practices and respond to security incidents quickly and efficiently.
Policies
Central maintains a robust set of security policies that are updated periodically to meet the demand of an evolving security environment. Policies are communicated to employees and available for review at any time.
VULNERABILITY MANAGEMENT
Vulnerability scanning
Central uses AWS’ security tools to constantly scan our applications, systems, and infrastructure for potential security risks and vulnerabilities.
Code analysis
Central’s code repositories are regularly scanned for security issues using static code analysis.
Bug bounty
We welcome responsible disclosure from security researches, though Central does not offer rewards for user-submitted bugs at this time.
PRODUCT
Multi-Factor Authentication
Central allows you to add an extra layer of security to your account by enabling two-step verification, also called two-factor authentication. This reduces the risk of having your account accessed by anyone else. Central supports both SMS and TOTP two-factor codes.
Fraud monitoring
Central’s financial partners monitor customer accounts and transactions to help prevent fraud.
Contact
support@central.inc
Click to copy
KILL BUSINESS BULLSHIT
Contact
support@central.inc
Click to copy
Contact
support@central.inc
Click to copy
KILL BUSINESS BULLSHIT