Strict vulnerability management processes to identify and resolve threats. Regular penetration testing by independent third parties to ensure that our platform is safe and secure.

Robust access control measures. Our hosting environment is only accessible from the private network via VPN and does not support direct access from the public internet.

Our cluster is deployed over two zones to guarantee availability. Our infrastructure resides within Amazon AWS EC2 private instances (Amazon VPC) with Amazon Enterprise support in place.

We are committed to protecting our customers' data and employ advanced security practices to keep data safe and secure. By default, log data is stored for 30 days. In our Enterprise Plan, we also offer the ability to store data for an extended period.

Our developers adhere to coding standards in accordance with the Open Web Application Security Project (OWASP). Static Application Security Testing (SAST) is also in place to improve inMultifamily’s Software Development Life Cycle (SDLC).

Every connection between inMultifamily and a third-party service provider is established in the most secure available way. In some cases (e.g. FTP, databases), customers have the option to manually set the security level. We secure our network communication with TLS version 1.2 and 1.3 using AES 256 encryption.