Security

Protecting your hospitality data is our top priority. Here is how we keep your information safe.

Encryption

All data is encrypted in transit using TLS 1.2+ and at rest using AES-256 encryption. Database backups are encrypted and stored in geographically redundant locations.

Access Controls

Role-based access control (RBAC) ensures staff only see what they need. Multi-factor authentication (MFA) is available for all accounts and enforced for admin roles.

Audit Logging

Every action on the platform is logged with timestamps, user identity, and IP address. Audit logs are immutable and retained for a minimum of 12 months.

Infrastructure

Hosted on enterprise-grade cloud infrastructure with automatic failover, DDoS protection, and network-level firewalls. We maintain isolated environments for production and staging.

Vulnerability Management

We conduct regular penetration testing, automated dependency scanning, and code reviews. Critical vulnerabilities are patched within 24 hours of discovery.

Compliance

Our security practices are aligned with SOC 2 Type II, GDPR, and PCI DSS standards. We support data processing agreements (DPAs) for enterprise customers.

Responsible Disclosure

If you discover a security vulnerability in the Aetheria OS platform, please report it responsibly by emailing security@aetheria.com. We will acknowledge receipt within 24 hours and work with you to understand and address the issue. We do not pursue legal action against good-faith security researchers.

Questions?

For security-related inquiries, contact our team at security@aetheria.com.