Trust and Security are our Fundamental Commitments. At 42HQ, trust and security form the very foundation of our practices. We take pride in surpassing industry norms by employing advanced security safeguards meticulously designed to preserve the confidentiality, accessibility, and integrity of your data and our products.
Security takes center stage in our people, processes, and product. Every change and new feature goes through a meticulous change management process to ensure proper authorization before implementation. Our Software Development Life Cycle (SDLC) is committed to secure coding guidelines, employing code analyzer tools, vulnerability scanners, and manual reviews following OWASP standards.
All data encrypted at rest and in transit
24/7 automated threat detection
Role-based access control implementation
Automated daily backups with 99% success rate
All data is encrypted using AES-256 encryption standards
Additional security layer with 2FA and SSO support
Data stored in SOC 2 compliant data centers
Continuous monitoring for threats and anomalies
Customer data transmitted to our servers over public networks is safeguarded by strong encryption protocols. We mandate the use of Transport Layer Security (TLS 1.2/1.3) encryption with robust ciphers for all connections, ensuring secure web access, API, and IMAP/POP/SMTP email client access. Opportunistic TLS is leveraged by default for email services, encrypting and delivering emails securely.
Sensitive customer data at rest is encrypted using 256-bit Advanced Encryption Standard (AES). Our in-house Key Management Service (KMS) manages encryption keys, providing additional layers of security by encrypting data encryption keys using master keys. Master keys and data encryption keys are physically separated and stored in different servers with limited access.
Our application is securely hosted on Amazon Web Services (AWS), a platform certified under ISO and SOC compliance standards. All customer data is housed in US-based data centers, ensuring the highest levels of security and regulatory compliance.
Logging and monitoring play a pivotal role in our operations. We systematically monitor and analyze information gathered from services, internal network traffic, and device usage. Event logs, audit logs, fault logs, administrator logs, and operator logs are automatically monitored and analyzed to identify anomalies promptly. These logs are securely stored on a server isolated from full system access.
Our dedicated vulnerability management process utilizes certified third-party scanning tools, in-house tools, and both automated and manual penetration testing. Our security team actively reviews security reports and monitors public sources to identify and address security incidents promptly. Identified vulnerabilities are logged, prioritized based on severity, assigned to an owner, and tracked until closure.
We employ an automated scanning system to scan all user files, preventing the spread of malware. Regular updates from external threat intelligence sources enhance our custom anti-malware engine, ensuring robust protection against malicious patterns.
Application data is stored on resilient storage replicated across multiple AWS regions. In case of primary AZ failure, the secondary AZ seamlessly takes over operations with minimal or no loss of time. Physical measures include power backup, temperature control, and fire-prevention systems.
Access to our resources, including buildings, infrastructure, and facilities, is meticulously controlled through a biometric system. Different access cards are provided to employees, contractors, vendors, and visitors, restricting access based on the specific purpose of entrance. Access logs are maintained to identify and address anomalies promptly.
Entry and exit movements throughout our premises are monitored via CCTV cameras deployed in compliance with local regulations. Backup footage is available for a specified period, ensuring compliance with location-specific requirements.
24/7 Security: On-site personnel
Biometric Access: Multi-factor authentication
Fire Suppression: Advanced systems
Power Backup: Redundant systems
42HQ shares its internal privacy and security policies with our customers for full transparency over how we protect and secure our customers' data. When you choose 42HQ, you entrust us with your information, and we take that responsibility seriously.
You retain complete ownership and control of your financial data. We never sell, share, or use your data for purposes other than providing our accounting services.
Complete transparency in our data handling practices with easy data export and deletion capabilities available to all users at any time.
Our systems are built with privacy as a core principle, incorporating data minimization, purpose limitation, and privacy-enhancing technologies.
Full compliance with GDPR, CCPA, SOX, and other relevant financial and privacy regulations across all jurisdictions where we operate.
Automated monitoring and threat detection systems
Immediate containment and mitigation procedures
System restoration and service continuity
Security improvements and lessons learned
Employees undergo training in information security, privacy, and compliance upon induction. Regular evaluations and continuous education in our internal community ensure ongoing awareness and understanding of security practices. Specific security aspects are continually addressed through targeted training sessions and internal events, fostering awareness and driving innovation in security and privacy.
Our dedicated security and privacy teams implement and manage robust security and privacy programs. They provide domain-specific consulting services and guidance to engineering teams, and ensure the constant monitoring of networks. The security and privacy teams are instrumental in maintaining our defense systems, developing review processes, and ensuring the security of our infrastructure.
All workstations issued to our employees run up-to-date OS versions and are configured with anti-virus software. They comply with our security standards, ensuring proper configuration, patching, tracking, and monitoring through endpoint management solutions. Workstations are secured by default, configured to encrypt data at rest, have strong passwords, and automatically lock when idle.
Focus on Security
We continuously invest in our security team, tools, and developers to deliver features that instill resilience, confidence, and trust in our platform. Security is not just a feature, it's the foundation of everything we build.
security@42hq.in: For reporting security vulnerabilities
compliance@42hq.in: For compliance and certification inquiries
We welcome responsible disclosure of security vulnerabilities and maintain a comprehensive security response program. Contact our security team for information about our responsible disclosure process and security research collaboration opportunities.
Security Commitment: 42HQ will never ask for your login credentials via email or phone. Report any suspicious communications immediately to our security team.