Our Security Commitment
At Dashboard AI, security is not an afterthought—it's built into everything we do. We understand that you're trusting us with your business data, and we take that responsibility seriously.
Infrastructure Security
Cloud Infrastructure
Hosted on SOC 2 Type II certified cloud infrastructure with 99.9% uptime SLA, automatic failover, and geographic redundancy.
Network Security
Enterprise-grade firewalls, DDoS protection, and intrusion detection systems protect our network perimeter 24/7.
Monitoring
Continuous security monitoring, log analysis, and automated alerts detect and respond to threats in real-time.
Backups
Automated daily backups with point-in-time recovery. Backups are encrypted and stored in geographically separate locations.
Data Protection
Encryption
- In Transit: All data transmitted to and from Dashboard AI is encrypted using TLS 1.3, the latest and most secure protocol available.
- At Rest: All stored data is encrypted using AES-256, an industry-standard encryption algorithm used by governments and financial institutions.
- Database Encryption: Database connections use SSL/TLS encryption, and sensitive fields are additionally encrypted at the application level.
Access Controls
- Role-Based Access: Strict role-based access controls ensure employees only access data necessary for their job functions.
- Multi-Factor Authentication: MFA is required for all employee access to production systems.
- Audit Logging: All access to customer data is logged and auditable.
- Least Privilege: Systems are configured with minimal necessary permissions following the principle of least privilege.
Application Security
Secure Development
- Security Reviews: All code changes undergo security review before deployment.
- Dependency Scanning: Automated scanning identifies vulnerabilities in third-party dependencies.
- Static Analysis: Code is analyzed for security issues during development.
- Penetration Testing: Regular third-party penetration tests identify potential vulnerabilities.
Authentication
- Secure Authentication: Powered by Clerk, a SOC 2 compliant authentication provider.
- Password Requirements: Strong password policies enforce minimum complexity requirements.
- Session Management: Secure session handling with automatic timeout and token rotation.
- OAuth Integration: Secure OAuth 2.0 flows for third-party integrations.
Compliance
HIPAA Compliance
Dashboard AI is designed to support HIPAA compliance for customers who process Protected Health Information (PHI). Our HIPAA compliance program includes:
- Business Associate Agreements (BAAs) available for all customers
- Administrative, physical, and technical safeguards
- Comprehensive audit logging of all PHI access
- Employee training on HIPAA requirements
- Incident response procedures for security events
To request a BAA, contact us at compliance@dashboard-ai.co.
SOC 2 Type II
Our infrastructure and security controls are aligned with SOC 2 Type II requirements, covering the following Trust Service Criteria:
- Security: Protection against unauthorized access
- Availability: Systems are available for operation and use
- Confidentiality: Confidential information is protected
- Privacy: Personal information is collected and used appropriately
GDPR Compliance
For customers in the European Union, we comply with GDPR requirements including:
- Data Processing Agreements (DPAs) available
- Support for data subject rights (access, deletion, portability)
- Standard Contractual Clauses for international data transfers
- Data minimization and purpose limitation
Incident Response
We maintain a comprehensive incident response plan that includes:
- Detection: Automated systems detect potential security incidents 24/7.
- Response: Security team responds to incidents within defined SLAs.
- Notification: Affected customers are notified within 72 hours of confirmed breaches.
- Remediation: Root cause analysis and remediation for all incidents.
- Post-Incident Review: Lessons learned are incorporated into security improvements.
Vendor Security
We carefully vet all third-party vendors and require them to meet our security standards:
- SOC 2 certification or equivalent required for vendors handling customer data
- Data Processing Agreements with all vendors
- Regular vendor security assessments
- Minimal data sharing based on necessity
Employee Security
- Background Checks: All employees undergo background checks.
- Security Training: Regular security awareness training for all employees.
- Access Reviews: Quarterly access reviews ensure appropriate permissions.
- Confidentiality Agreements: All employees sign confidentiality agreements.
Reporting Security Issues
Responsible Disclosure
If you discover a security vulnerability, please report it responsibly:
- Email: security@dashboard-ai.co
- Response Time: We will acknowledge within 24 hours
- Safe Harbor: We will not take legal action against good-faith security researchers
Contact Us
For security questions or to request security documentation, contact us at:
Dashboard AI
15 Benton Drive
East Longmeadow, MA 01028
Security Team: security@dashboard-ai.co
Compliance: compliance@dashboard-ai.co
General: support@dashboard-ai.co