AES-256 Encryption
All data at rest is encrypted using AES-256, the same standard used by banks and government agencies.
TLS 1.3 in Transit
All communications are protected with TLS 1.3, the latest and most secure transport layer protocol.
Multi-Factor Authentication
Protect your account with 2FA using authenticator apps, SMS, or hardware security keys.
24/7 Monitoring
Our security team monitors for threats around the clock with automated intrusion detection.
Regular Audits
We conduct regular security audits and penetration testing to identify and fix vulnerabilities.
Access Controls
Role-based access control ensures users only access what they need. Full audit logging of all actions.
Infrastructure Security
Our infrastructure is built on Microsoft Azure, a leading cloud platform with enterprise-grade security:
- Physical Security: Azure data centers have 24/7 security, biometric access, and surveillance
- Network Security: DDoS protection, Web Application Firewall, network segmentation
- Redundancy: Geo-redundant storage and multi-region failover
- Updates: Automatic security patching and updates
Remote Access Security
Our remote access solution (powered by RustDesk via our self-hosted relay) includes:
- End-to-End Encryption: All remote sessions are encrypted from your device to the target computer
- Device Authentication: Devices must be authenticated before connecting
- Session Timeout: Inactive sessions automatically disconnect
- Connection Logging: All connections are logged with timestamps and user identity
- Two-Factor Authentication: Required for remote access
Compliance
We maintain compliance with industry standards and regulations:
SOC 2 Type II
HIPAA Ready
GDPR Compliant
PCI DSS
Incident Response
In the event of a security incident:
- Detection: Automated monitoring alerts our security team immediately
- Containment: Affected systems are isolated within minutes
- Notification: Affected customers are notified within 24 hours
- Resolution: Root cause analysis and remediation
- Transparency: Post-incident reports provided to affected parties
Responsible Disclosure
We welcome security researchers who help us improve. If you discover a vulnerability:
- Email: security@vellunox.com
- Please include details to help us reproduce the issue
- Allow us reasonable time to address the issue before public disclosure
- We will acknowledge your contribution (if desired)
Your Security is Our Priority
We continuously invest in security to protect your business. If you have questions about our security practices, please contact us.
Security Contact
Security Team: security@vellunox.com
Report Abuse: abuse@vellunox.com
General: support@vellunox.com