Security | ThinSky - Our Security Practices

Our Security Commitment

As a security company, we hold ourselves to the highest standards. We implement the same controls we recommend to our clients:

SOC 2 Type II certified infrastructure
Encryption at rest and in transit (TLS 1.3)
Multi-factor authentication for all systems
Continuous vulnerability scanning
24/7 security monitoring
Regular penetration testing by third parties
Employee security awareness training
Background checks for all team members

Data Protection

Client data is protected with:

AES-256 encryption at rest
TLS 1.3 encryption in transit
Logical separation between client environments
Role-based access controls
Audit logging of all access
Regular access reviews

Infrastructure

Our infrastructure is hosted in SOC 2 certified Canadian data centers. We use:

Redundant systems with 99.9% uptime SLA
Daily encrypted backups
Disaster recovery with <24 hour RTO
Network segmentation and firewalls
Intrusion detection and prevention

Responsible Disclosure

We welcome security researchers who help us keep ThinSky secure. If you discover a security vulnerability:

Email security@thinsky.com with details
Include steps to reproduce the issue
Allow us reasonable time to respond (typically 5 business days)
Do not access or modify data belonging to others
Do not disclose the issue publicly until we've addressed it

What We Commit To

Acknowledge receipt within 2 business days
Provide an initial assessment within 10 business days
Keep you informed of remediation progress
Credit you in our security acknowledgments (if desired)
Not pursue legal action against good-faith researchers

Out of Scope

The following are not in scope for our responsible disclosure program:

Social engineering attacks on employees
Physical security testing
Denial of service attacks
Automated scanning without prior coordination
Issues in third-party services we use

Security Contact

For security concerns or to report vulnerabilities:

Email: security@thinsky.com
PGP Key: Available upon request