Helixco

Security and Privacy

At Helixco, protecting our clients’ data is our top priority. We design every layer of our platform with security, availability, and privacy in mind. Our practices are aligned with industry standards and the SOC 2 Type II framework, ensuring that we meet rigorous requirements for safeguarding information.

Our. security. commitment.

Helixco’s platform is hosted on Pantheon and Amazon Web Services (AWS), leveraging enterprise-grade security controls, redundancy, and scalability. We maintain strict security protocols, continuous monitoring, and comprehensive privacy practices to ensure your data remains safe and available.

data encryption

  • Data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption.

  • Sensitive credentials and passwords are hashed and never stored in plaintext.

Network & Infrastructure Security

  • Pantheon and AWS provide robust physical and network security, including firewalls, DDoS protection, and multi-region redundancy.

  • We enforce network segmentation, least privilege access, and real-time threat detection.

  • Automated vulnerability scans and regular penetration tests ensure continuous protection.

Application Security

  • Our secure development lifecycle (SDLC) includes peer code reviews, automated security testing, and dependency scanning with tools like Dependabot.

  • We conduct regular third-party security assessments and audits.

Access Controls & Authentication

  • Role-based access control (RBAC) ensures users have only the permissions they need.

  • Multi-factor authentication (MFA) is enforced for administrative and privileged accounts.

  • Administrative access is logged, monitored, and reviewed regularly.

Monitoring & Incident Response

  • We leverage AWS GuardDuty, Pantheon monitoring, and custom alerting for 24/7 anomaly detection.

  • Our incident response plan is designed to quickly detect, respond to, and remediate security issues.

  • All logs are centralized, protected, and retained for audits.

Business Continuity & Disaster Recovery

  • Encrypted data backups are taken regularly to ensure recovery in the event of a disaster.

  • Our infrastructure is designed for high availability and implement intrusion protection systems.

Employee Security & Training

  • Employees undergo background checks and sign confidentiality agreements.

  • Security awareness training is conducted regularly to mitigate risks.

SOC 2 Type II Compliance

Helixco is actively pursuing SOC 2 Type II certification to provide third-party validation of our security, availability, and confidentiality controls. This attestation ensures we follow the highest industry standards for protecting customer data.

Privacy & Data Protection

Your data is your own. Helixco does not sell or share customer information with third parties. Each client environment is logically isolated and protected with strict access controls to prevent unauthorized access.

Report a Security Issue

If you discover a potential vulnerability or security concern, please email info@helixco.io. We encourage responsible disclosure and appreciate your support in maintaining a secure environment.

Unify. Simplify. Take Charge.