Security
Last Updated: October 30, 2025
Version: 1.0
Our Security Commitment
Your security and privacy are our top priorities. This page outlines our security measures, best practices, and how we protect your data and communications.
Infrastructure Security
Hosting and Data Centers
- Enterprise Hosting: Hosted on secure, enterprise-grade servers
- Geographic Distribution: Data replicated across multiple data centers
- DDoS Protection: Enterprise-level DDoS mitigation
- 24/7 Monitoring: Continuous security monitoring
Encryption Standards
- In Transit: TLS 1.3 encryption for all data transmission
- At Rest: AES-256 encryption for stored data
- Secure Channels: HTTPS only, no unencrypted HTTP
Data Protection
Contact Form Security
- All form submissions are encrypted in transit
- Input validation and sanitization on all fields
- Spam and abuse detection
- Rate limiting to prevent abuse (5 requests per hour per IP)
Email Security
- All email transmissions encrypted
- Email verification for contact confirmations
- Secure provider (Resend) with industry certifications
Database Security
- Row Level Security (RLS) for data isolation
- Regular backups with encryption
- Access logs and audit trails
Vulnerability Management
Security Testing
- Regular vulnerability scans
- Automated dependency vulnerability detection
- Code security reviews
Dependency Management
- Automated security updates for dependencies
- Regular audits of third-party packages
- Version control and tracking
Incident Response
Incident Response Plan
- Continuous monitoring for suspicious activity
- Rapid incident response procedures
- Regular security drills and testing
Breach Notification
- Users notified within 72 hours of any breach
- Full transparency about scope and impact
- Remediation plan shared immediately
Compliance
Regulatory Compliance
- GDPR: Compliant with EU data protection
- CCPA: Compliant with California privacy law
- ISO 27001: Information security certified
Best Practices for Users
Protecting Your Account
- Use a strong, unique password
- Enable two-factor authentication when available
- Do not share your credentials
- Log out of shared devices
Safe Communication
- Use HTTPS connections (look for the lock icon)
- Verify email addresses before trusting links
- Never share sensitive information via email
- Use strong passwords for your email account
Device Security
- Keep your operating system updated
- Use antivirus software
- Avoid public WiFi for sensitive transactions
- Use a VPN on public networks
Responsible Disclosure
Report a Vulnerability
If you discover a security vulnerability, please email security@namoslabs.com with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Your contact information
Our Commitment
- Acknowledge receipt within 48 hours
- Provide remediation timeline
- Keep you updated on progress
- Credit you (if desired) for disclosure
Contact
Security Issues: security@namoslabs.com
General Questions: naya@namoslabs.com
Vulnerability Reports: security@namoslabs.com
Response Time: Within 24 hours for security issues
Security is an ongoing commitment. We continuously monitor, update, and improve our security posture. Thank you for trusting us with your information.
