Connect Invest Security
Our security team has years of experience in Fintec, digital financial platforms and regulated Industries. Connect Invest cares deeply about your security, and goes above and beyond to protect your information.
Our platforms architecture is certified to ISO 27001. Best practice architecture and development, secure data centers, global support and CDN/WAF services all combine to ensure Connect Invest customer data is supported by safe, secure solutions.
All data-in-transit is encrypted via HTTPs/TLS. The provided Content Delivery Network (CDN) protects origin servers, and together with the built-in Web Application Firewall (WAF) it provides DDoS mitigation and state-of-the-art protection against unusual and malicious traffic.
Advanced DDoS protection is provided to mitigate attacks of all forms and sizes including those that target the UDP and ICMP protocols, SYN/ACK, DNS amplification and Layer 7 attacks. The provided CDN is rated at over 30 Tbps throughput; more than 15x the size of the largest recorded DDoS attack.
Connect Invest uses Microsoft encryption technology to protect investor data. Connections established between investors and Connect Invest are encrypted, and all public endpoints are secured using industry-standard Transport Layer Security (TLS). At rest, investor data at Connect Invest is stored using standard Microsoft SQL Server cell level encryption that meet the compliance requirements associated with FIPS 140-2.
Connect Invest requires all potential investors to go through two levels of Know-Your-Customer (KYC) processes to protect investors from identity theft and does not store any bank account information, or any type of multifactor authentication of any potential investor.
Connect Invest front facing website uses an SSL certificate for it’s public web properties to ensure the site’s connection is secure. Always check a website’s security to ensure its secure by looking for a padlock in the URL and look for the URL to start with https:// showing the site’s secure.
Connect Invest uses HubSpot for communication records, marketing, and sales reports. HubSpot leverages several technologies to ensure stored data is encrypted at rest at the volume and field level. Platform data is stored using AES-256 encryption. User passwords are hashed following industry best practices and are encrypted at rest. All sensitive interactions with the HubSpot products (e.g. API calls, authenticated sessions, etc.) are encrypted in transit with TLS 1.2 or 1.3 with 2048-bit keys or better. TLS is also a default for customers who host their websites on the HubSpot platform.