Security - ProxiGuide

Certified & Compliant

Independently verified security and compliance standards

🛡️

SOC 2 Type II

Security Controls

🔒

ISO 27001

Information Security

✓

GDPR

Data Protection

🔐

AES-256

Encryption Standard

Security by Design

Multi-layered protection at every level

End-to-End Encryption

All data encrypted with AES-256 at rest and TLS 1.3 in transit. Only you hold the decryption keys.

Zero Trust Architecture

Every request is authenticated and authorized. No implicit trust, even for internal systems.

Continuous Monitoring

24/7 security operations center monitoring for threats, with automated incident response.

Cloud Infrastructure Security

Enterprise-grade protection in the cloud

ProxiGuide leverages world-class cloud infrastructure with multiple layers of security:

Cloud Provider Security

→ Hosted on AWS/Azure with enterprise SLAs
→ Data centers with physical security and environmental controls
→ Redundant power, cooling, and network connectivity
→ Compliance certifications (SOC 2, ISO 27001, PCI DSS)

Network Security

→ Virtual Private Cloud (VPC) isolation
→ Network segmentation and micro-segmentation
→ Web Application Firewall (WAF) protection
→ DDoS protection and rate limiting
→ Intrusion Detection and Prevention Systems (IDS/IPS)

Geographic Distribution

→ Multi-region deployment for high availability
→ Data residency options for GDPR compliance
→ Automatic failover and disaster recovery

Multiple layers of protection for data at rest:

Encryption at Rest

• AES-256 encryption for all stored data
• Individual user-specific encryption keys
• Database-level encryption
• Encrypted backups with separate keys

Database Security

• Private database instances (no public access)
• Automated security patching
• Query logging and monitoring
• SQL injection protection

Backup & Recovery

• Automated daily encrypted backups
• 30-day backup retention period
• Cross-region backup replication
• Point-in-time recovery capability

Storage Controls

• Immutable storage for audit logs
• Versioning enabled on all storage
• Lifecycle policies for data retention
• Secure deletion with cryptographic erasure

All data transmitted through ProxiGuide is encrypted:

→ TLS 1.3 encryption: Latest transport security protocol for all connections
→ Perfect Forward Secrecy (PFS): Unique session keys protect past communications
→ Certificate pinning: Prevents man-in-the-middle attacks
→ HTTPS enforcement: All traffic redirected to secure connections
→ API authentication: OAuth 2.0 and JWT tokens for API security

Strict controls over who can access what data:

User Authentication

• Multi-Factor Authentication (MFA) required for all accounts
• Biometric authentication support (fingerprint, Face ID)
• Single Sign-On (SSO) with SAML 2.0
• Password complexity requirements and rotation policies
• Account lockout after failed login attempts

Role-Based Access Control (RBAC)

• Principle of least privilege enforced
• Granular permissions for different user roles
• Regular access reviews and audits
• Automatic session timeout for inactive users

Internal Access Controls

• Zero standing privileges for ProxiGuide employees
• Just-in-time access with approval workflows
• All access logged and monitored
• Background checks for all employees

Mobile App Security

Protection on iOS and Android devices

ProxiGuide mobile apps are built with security as a priority:

Code Security

• Code obfuscation to prevent reverse engineering
• Anti-tampering protections
• Secure coding practices (OWASP guidelines)
• Regular security code reviews
• Static and dynamic security testing

Data Protection

• Local data encryption using device keychain
• Secure storage APIs for sensitive data
• No sensitive data in app logs
• Clipboard protection for passwords
• Screen capture prevention for sensitive screens

Network Security

• Certificate pinning for API connections
• Network security configuration
• Protection against MITM attacks
• Secure Bluetooth beacon communication

Runtime Security

• Jailbreak/root detection
• Debugger detection
• Emulator detection
• Hook detection and prevention

Secure Bluetooth Low Energy (BLE) communication:

→ Encrypted beacon IDs: Unique encrypted identifiers prevent spoofing
→ Rotating keys: Beacon authentication keys rotate periodically
→ Privacy protection: No personally identifiable information transmitted via Bluetooth
→ Proximity verification: Signal strength validation prevents remote attacks
→ Secure pairing: Beacon-to-app authentication before data exchange

Keeping the app secure with timely updates:

→ Automatic security updates: Critical patches deployed immediately
→ Regular update schedule: Monthly feature and security updates
→ Version enforcement: Outdated versions blocked from accessing sensitive features
→ Update notifications: Users notified of important security updates
→ Verified distribution: Apps only available through official app stores

Threat Detection & Response

Proactive security monitoring and incident response

🔍 Continuous Monitoring

• 24/7 Security Operations Center (SOC)
• Real-time threat detection with AI/ML
• Automated anomaly detection
• Continuous vulnerability scanning
• Log aggregation and analysis (SIEM)
• Behavioral analytics for insider threats

⚡ Incident Response

• Dedicated incident response team
• Automated incident playbooks
• 15-minute response SLA for critical issues
• Post-incident forensics and analysis
• Transparent incident reporting to affected users
• Continuous improvement from lessons learned

Security Testing & Compliance

Regular assessments and audits

🔬

Penetration Testing

Annual third-party penetration tests to identify vulnerabilities before attackers do.

• Infrastructure testing
• Application testing
• API security testing
• Social engineering tests

🐛

Bug Bounty Program

Responsible disclosure program rewarding security researchers who find bugs.

• Competitive payouts
• Transparent process
• Hall of fame recognition
• Rapid remediation

📋

Compliance Audits

Regular audits ensure ongoing compliance with security standards.

• Annual SOC 2 audits
• ISO 27001 assessments
• GDPR compliance reviews
• Internal security audits

Security Best Practices for Users

While we provide robust security, you play an important role too:

Do:

✓ Enable Multi-Factor Authentication (MFA)
✓ Use a strong, unique password
✓ Keep your app updated to the latest version
✓ Log out from shared or public devices
✓ Review your account activity regularly
✓ Report suspicious activity immediately

Don't:

✗ Share your password with anyone
✗ Use public Wi-Fi without VPN
✗ Click on suspicious links in emails
✗ Download the app from unofficial sources
✗ Jailbreak or root your device
✗ Ignore security alerts or warnings

Report a Security Issue

We take security seriously. If you've discovered a security vulnerability or have concerns about our security practices, please let us know immediately.

Security Team: security@proxiguide.com

Bug Bounty: bugbounty@proxiguide.com

PGP Key: Available on our website for encrypted communications

Response Time: We respond to all security reports within 24 hours

Please follow responsible disclosure practices. We commit to working with security researchers to resolve issues quickly and fairly.

Enterprise-Grade Security

Certified & Compliant

Security by Design

End-to-End Encryption

Zero Trust Architecture

Continuous Monitoring

Cloud Infrastructure Security

Cloud Provider Security

Network Security

Geographic Distribution

Encryption at Rest

Database Security

Backup & Recovery

Storage Controls

User Authentication

Role-Based Access Control (RBAC)

Internal Access Controls

Mobile App Security

Code Security

Data Protection

Network Security

Runtime Security

Threat Detection & Response

🔍 Continuous Monitoring

⚡ Incident Response

Security Testing & Compliance

Penetration Testing

Bug Bounty Program

Compliance Audits

Security Best Practices for Users

Do:

Don't:

Report a Security Issue

Questions About Security?