Skip to main content
Security FAQs
Matthew Olson avatar
Written by Matthew Olson
Updated over 7 months ago

Data Encryption:

  • In transit: Mox requires a minimum of TLS v1.2 encryption (TLS v1.3 also supported) for all connections and data transferred between server and the end user's browser.

  • At rest: All Database and File Storage is encrypted at rest using 256-bit Advanced Encryption Standard (AES-256).

User Access:

  • All users accessing content in the platform must be registered and managed through our Identity Provider, Okta. Users must have use a secure password and have a valid email.

  • Account Administrators have permission to manage access and roles for users within their account. More information on user access roles may be found here: https://help.moxsoftware.com/en/articles/6212309-assigning-mox-roles

Data Center Information:

  • All user data is stored in Amazon Web Services (AWS) data centers located either in the United States or Europe. The European-based data centers allow for GDPR compliance for affected customers.

  • AWS data centers are independently audited for comprehensive Data Security including SOC 2 and ISO 27001 programs.

Future Considerations:

  • Esko is in the process of completing SOC 2, Type 2 assessments. SOC 2 is a security framework that designates how SaaS Providers should protect data from unauthorized access, respond to security incidents, and address vulnerabilities. The American Institute of Certified Public Accountants (AICPA) developed the SOC 2 framework.

Did this answer your question?