Our security practices

Here at Vaulted we take security very seriously. It's your data and we'd like to keep it that way. We understand how important the responsibility of safeguarding your data is to you. In light of that, here is what we are doing to keep your data safe:

We respect your data

We encrypt it in transit and at rest, and we do it all with NSA-approved FIPS-compliant encryption algorithms.

• Encryption in transit

  We force the use of SSL on our site. This ensures that any communication between you and Vaulted is secure.

• Encryption at rest

  We store data, and a lot of it; but, we also know that, having the kinds of data we do, it is important to ensure that we keep it safe and secure. By encrypting your data at rest, this allows us to be sure that your data will remain secure, even if the worst happens.

• Password storage

  If you use a Vaulted password, we ensure that password requirements, complexity, generation and storage meet the latest NIST standards.

• Data deletion

  If you are a team owner, you have the ability to remove all of your team's data. When we delete it, it's gone immediately and it's gone forever.

We use Vaulted

Just like you, Vaulted is our tool of choice to maintain the security posture of vaulted.io. We follow the latest DoD standards and guidelines to keep Vaulted compliant and secure.

Personnel practices

Most of our employees are cleared, and we perform background checks for all of them. Everyone at Vaulted is required to complete periodic security training to ensure that our team follows the latest security standards and best practices.

Development practices

Every update we push out is not only tested to the max by our team, but is also regularly reviewed for flaws.