Compliance & Certifications

TwindUp is designed and operated to meet SOC 2 Type II compliance standards. Our security controls are independently audited and verified annually. We align with industry frameworks, including the NIST Cybersecurity Framework and ISO 27001 principles, to ensure comprehensive protection of your data.

Data Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. API communications are secured with industry-standard authentication tokens and rate limiting. Database backups are encrypted and stored in geographically redundant locations.

Access Controls

The platform enforces role-based access control (RBAC) at every level — from individual assets to entire facility views. Enterprise customers can integrate with their existing identity providers through SSO/SAML. All access events are logged and auditable.

Infrastructure Security

TwindUp runs on enterprise cloud infrastructure with DDoS protection, web application firewalling, and continuous monitoring. Our infrastructure is hosted in SOC 2 certified data centers with physical security, redundant power, and network isolation.

Multi-Tenant Isolation

Each customer workspace operates in a logically isolated environment. Data belonging to one tenant is never accessible to another. Workspace-level encryption keys ensure that even at the infrastructure level, data remains compartmentalized.

Incident Response

We maintain a documented incident response plan with defined escalation procedures, communication protocols, and remediation workflows. Customers are notified of security incidents that affect their data in accordance with applicable regulations and our contractual commitments.

Responsible Disclosure

If you discover a security vulnerability, please report it to security@twindup.com. We take all reports seriously and will respond within 48 hours.