Security at Work & Field
We take the security of your data seriously. Here's how we protect your business information.
How We Protect Your Data
Data Encryption
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption.
Secure Infrastructure
We use AWS with SOC 2 Type II certification. Our infrastructure is monitored 24/7.
Access Controls
Role-based permissions ensure users only access what they need. MFA available for all accounts.
Compliance & Certifications
- SOC 2 Type II compliant infrastructure (AWS)
- GDPR compliant data handling
- CCPA compliant privacy practices
- PCI DSS compliant payment processing (via Stripe)
- Regular security audits and penetration testing
- Employee security training and background checks
Data Protection
Automatic Backups
Your data is automatically backed up daily with point-in-time recovery available.
Data Isolation
Each customer's data is logically isolated. We never share data between accounts.
Secure Authentication
Powered by AWS Cognito with support for multi-factor authentication and SSO.
Audit Logging
Comprehensive audit logs track all account activity for security and compliance.
Responsible Disclosure
We appreciate the security research community's efforts in helping keep our platform safe. If you discover a security vulnerability, please report it responsibly:
- Email us at security@workandfield.com
- Provide detailed information about the vulnerability
- Give us reasonable time to respond before public disclosure
- Do not access, modify, or delete data belonging to others
We commit to acknowledging receipt within 48 hours and providing regular updates on our progress.
Questions?
If you have questions about our security practices or need additional information for your compliance requirements, please contact us:
Security Team: security@workandfield.com