Your data is safe with realfast.
At realfast, safeguarding your data is integral to our company culture, operations, and product development. We take the responsibility of protecting your information very seriously.


We start by dotting the I's and crossing the T's.
For the most up-to-date information on our compliance posture, please contact security@realfast.ai
It's always good to be slightly paranoid about security.
Audit Logging
We store transaction and receipt data for your time as a realfast customer, enabling audit readiness and the ability to review company spend retroactively. You can track who did what, when, and why with detailed transaction histories.






Secure Integrations
When building new integrations, we design them to maximize user security throughout, be it OpenAI, Gemini, or Claude for GenAI model usage, or AWS, Google Cloud, or Azure for cloud infrastructure.
Single Sign-On (SSO)
Currently, all businesses have access to Sign In with Google, but we will add other SSO providers soon.
Security Notifications
We notify you of any updates to your account's contact details, security settings, or login configuration.
Role-Based Access Control
We have granular permissions to ensure users only see what they need.
Multi-Factor Authentication
realfast retains multi-factor authentication for all users who sign in with an identity provider. Currently, we only allow logins with Google.
We are always on guard.
Access Monitoring
realfast logs failed and successful logins, application access, admin changes, and system changes. We continuously monitor critical systems for potential threats, with automated logging and alerting.
Real-time Security Monitoring
realfast employs a 24/7 Security Operations Center (SOC) that continuously monitors our network for potential threats. The SOC combines automated tools and human expertise to detect, analyze, and respond to security events in real time.
Zero Trust Architecture
We are designing our systems based on the principles of Zero Trust. This means that no user or device is automatically trusted, regardless of whether they are inside or outside the network perimeter. Every access request is authenticated, authorized, and encrypted before access is granted.
It's always good to be slightly paranoid about security.
Static Code Analysis
realfast performs static code analysis on every pull request for our core services. This combines industry-standard scanners with a custom ruleset that detects potential vulnerabilities specific to our architecture. We continuously review and enhance our rulesets, prioritizing high-signal rules developed in-house. Code that fails any of these critical rules cannot be merged or deployed.
Secure Development Training
Designated engineering teams at realfast are required to complete secure development training. Additionally, we regularly present to the full engineering organization about identified vulnerabilities in our applications, including mitigation strategies. These sessions also cover security trends relevant to our technology stack, via our Konfirmity program.
Web Application Firewall
All our public endpoints employ a managed Web Application Firewall to deter attempts to exploit common vulnerabilities.
Strict Access Control — because it's your data, not ours.
Data Access
At realfast, we adhere strictly to the principle of least privilege. Access permissions are granted based solely on an individual's job function and business requirements. We conduct periodic access reviews to ensure these permissions remain appropriate and are revoked promptly when no longer needed.
Logging
We employ a robust Security Information and Event Management (SIEM) solution to centrally collect and analyze logs from all critical systems. This allows us to constantly monitor system activity and detect any potential security events. Automated alerts are configured to immediately notify our security team of any suspicious activities.
Password Security
Our internal password policies are fully aligned with the stringent requirements of ISO 27001. All employees are required to use a password manager to ensure the use of strong, unique passwords across all systems. For access to particularly sensitive systems, we enforce the use of multi-factor authentication (MFA) to provide an additional layer of security.
Expect nothing less than the best infrastructure.
Amazon Web Services (AWS)
realfast's infrastructure is built on the secure and compliant foundation of Amazon Web Services (AWS) – Mumbai region. By using AWS, we inherit the benefits of their world-class physical security measures. These include strict access controls for data centers, 24/7 monitoring, and regular audits to ensure adherence to industry best practices.
AWS also provides us with critical security features such as encryption for data at rest, robust network segmentation, and advanced tools for monitoring and logging.
Business Continuity and Disaster Recovery
We are establishing a business continuity and disaster recovery (BC/DR) program. This includes a BC/DR plan, business impact analysis (BIA), risk assessments, and procedures for monitoring and improving the program. The plan guides how we respond, recover, and resume operations during severe events. It covers the personnel, resources, services, and actions required to keep essential business processes operational. The BC/DR plan will be tested annually.
Anti-DDoS
We plan to implement an industry-standard web application firewall (WAF) to protect our services from DDoS attacks and help deter attempts to exploit common vulnerabilities.
Securing Production Environment
We use AWS VPCs and IAM policies to isolate our production environment. Systems from one environment are not permitted to communicate with other environments.
With code, it's better to be safe than sorry.
Disk Encryption
All realfast-issued devices are required to have full disk encryption enabled. This ensures that data stored on these devices remains secure even in the event of loss or theft.
Device Monitoring
We employ a Mobile Device Management (MDM) solution to enforce security policies on all corporate endpoints. realfast enforces encryption, strong password policies, and automatic locking, and keeps operating systems and security patches up-to-date.
Threat Detection
We use AWS's managed threat detection service to proactively identify and respond to potential threats. This service continuously monitors endpoints for any signs of malware, unauthorized access, or other suspicious activities. When threats are detected, the service notifies you immediately and recommends potential remedies.
It's always good to be slightly paranoid about security.
Data Encryption
We use AES-256 Encryption for data at rest, and TLS 1.2+ Encryption for data in transit. Realfast avoids storing sensitive customer information wherever possible. For example, your credit card numbers related to billing are not stored on our systems and instead reside with our sub-processors.
Data Backups
We use AWS AP-South-1 for automated backups. Backups are encrypted and are retained for at least 30 days, with access restricted by user role in AWS.
Physical Security
Our data centers are hosted by Amazon Web Services (AWS), which makes our security as good as AWS's Physical Security controls.

Our Commitment to You
At realfast, security isn't an afterthought – it's the foundation upon which everything else is built. We are constantly evaluating and evolving our practices to stay ahead of emerging threats, so you can focus on your business with the peace of mind that your data is in good hands.
Have questions or concerns? Our security team is always happy to chat. Reach us at security@realfast.ai.