Mindsmiths Trust
Creating AI agents at scale!
Compliance
With an ISO 27001 certification, Mindsmiths exhibits a robust commitment to information security across all levels of our organization. Our alignment with international best practices demonstrates our steadfast dedication to maintaining the highest standards of data protection.
Data Protection
We recognize the sensitivity of client data. To ensure its safety, we use AES-256 encryption for data at rest and TLS 1.2 and higher for data in transit. Client data is physically separated in our database using unique identifiers and strict access controls. Our data management practices are designed to comply with stringent global privacy regulations, including GDPR.
Secure Development
Mindsmiths strictly adheres to the Software Development Lifecycle (SDLC) policy. We place high importance on data validation and API integrity, with guidance from tech leads adept in OWASP standards. With rigorous validation procedures and access controls, we handle sensitive data meticulously.
Access Management
Mindsmiths employs a 'zero trust' data access strategy, governed by 'need to know' and 'least privilege' principles. 2FA is facilitated with Google Authenticator and Microsoft Authenticator. RBAC is managed through Azure AD and AWS IAM, ensuring secure, monitored access to resources.
Security Monitoring
We utilize self-hosted tools like Graylog, Sentry, and Grafana for comprehensive security monitoring. These tools enable real-time tracking, efficient alert management, and visualization of security metrics. Continually adapting to evolving threats, we maintain a self-hosted 90-day log, facilitating detailed audits and investigations.
Incident Response and Disaster Recovery
In the event of an incident, we have robust procedures in place for incident response and disaster recovery. Our incident response process follows the NIST guidelines: Preparation; Detection and Analysis; Containment, Eradication, and Recovery; and Post-Incident Activity.
Privacy and Consent
Mindsmiths adheres to GDPR, Data Retention and Data Classification Policies, ensuring meticulous privacy and consent management. Data is classified based on sensitivity, risk, and value, controlling authorized access. We maintain transparency in data processing, and our swift response to misuse of classified information underscores our commitment to privacy rights.
Support and Documentation
We provide extensive documentation and 24/7 support for clients integrating with our platform. This includes security policies and recent ISO 27001 audit results. Our responsive security team adheres to the NIST incident response process, ensuring swift and effective resolution of security incidents.