SOC 2 (Type II)
Cloud Security Alliance
All customer data hosted in our environment is encrypted both at-rest and in-transit using AES256 encryption, TLS encryption, and SHA2 signatures.
Our comprehensive Incident Response & Breach Notification Process includes specific steps to identify, triage, monitor, and remediate security incidents.
We ensure that security is incorporated from the start of a project and continued throughout the software development lifecycle.
We strictly adhere to principles of least privilege and employ permission sets and access that reflects job roles.
We extensively monitor for unusual activity. Our Cloud SIEM is integrated with AWS security analytics to help us aggregate logs, alerts, and other activity into a cohesive single source of truth.
We conduct external network vulnerability scans, web application scans (DAST and SAST) as well as annual penetration testing.
To learn more about the security practices at TaxJar, please read our Security whitepaper.
Have a question, concern or comment about TaxJar security? Please contact our security team.