Updated January 2022
Our information security program is designed to exceed industry standards and we use many different controls to keep data safe. As part of our commitment to security, we’re SOC2 audited and undergo regular penetration tests, both initiated by us as well as our customers.
1. Company Policies
2. Authentication & Integrity
Nova's services are guarded by an identity and access reverse proxy that authenticates and authorizes all incoming HTTP requests. This ensures that every inbound request is inspected and routed to a valid internal destination.
3. Secure Connections
Nova forces HTTPS for all services via TLS, including the public application and all publicly accessible services and APIs. We additionally use HSTS to ensure that browsers interact with Nova only over HTTPS.
4. Data Encryption
We use AES256 to encrypt data at rest. This protects data stored within Nova’s infrastructure from any system compromise or data exfiltration attempt.
We use TLS to to encrypt data in transit. This means endpoints are authenticated, data is encrypted before transmission, and information is verified on arrival. This protects data as it moves between publicly accessible systems and our internal infrastructure in situations where third parties are attempting to intercept communications.
We use Confidential Computing to encrypt data in use. We leverage security technology offered by modern CPUs (e.g. the Secure Encrypted Virtualization extension) together with confidential computing cloud services to encrypt the memory contents of VMs in use and ensure data is private and encrypted even while being