Security
1. Data Protection
Encryption: All data handled by Solaris Automation is encrypted in transit using secure protocols (e.g., TLS 1.2/1.3) and, where applicable, encrypted at rest.
Minimal Storage: We avoid storing sensitive client data unless explicitly required for operational purposes. Temporary data storage is always encrypted and promptly deleted after use.
Secure API Usage: We leverage APIs with robust authentication and access controls, avoiding deprecated or insecure endpoints.
2. Secure Access Management
Role-Based Access Control (RBAC): Access to client data and internal systems is strictly limited to authorised personnel based on their roles.
Multi-Factor Authentication (MFA): All accounts accessing our infrastructure are secured with MFA to prevent unauthorised access.
Client Access: We ensure that clients have control over their own credentials and data access, using token-based authentication whenever possible.
3. Infrastructure and Monitoring
Tech Stack Security: We use a carefully selected stack (Make.com, n8n, and Zapier) for server and application control, with restricted access and regular updates.
Automated Alerts: We maintain automated alerts to flag anomalies or downtime, enabling rapid response to potential threats.
4. Third-Party Integrations
We use reputable third-party apps like Anthropic Claude and OpenAI, ensuring they comply with industry security standards.
AI service providers, such as OpenAI ChatGPT and Anthropic Claude, ensure that data processed via API keys will not be used for model training.
All third-party services are vetted for compliance with GDPR, the Australian Privacy Act, and other relevant frameworks to protect client data.
5. Employee Training and Awareness
Cybersecurity Training: All team members undergo regular training on secure data handling, recognising phishing attempts, and other cyber threats.
Clear Protocols: Internal protocols are in place for securely managing client information and responding to security incidents.
6. Incident Response
Proactive Monitoring: Our systems are designed to detect and report suspicious activity in real time.
Incident Handling: In the unlikely event of a breach, we follow a structured incident response plan:
Immediate containment and resolution.
Transparent communication with affected clients.
Root cause analysis and preventive measures.
7. Continuous Improvement
Regular Audits: We conduct internal security reviews and update our practices in response to evolving threats.
Client Feedback: We welcome client input on security practices and incorporate suggestions to enhance our approach.
Secure Development Practices: Our automations and workflows follow OWASP guidelines to ensure a secure codebase.
At Solaris Automation, we strive to build trust through transparency and a strong commitment to security. If you have any questions or require specific details about our practices, please contact us at security@solarisautomation.io