Security at Procuret

Protection of data is our first priority. Whenever we make an engineering decision, security considerations come first and foremost.

Encryption

Data are encrypted at rest and in transit.

At rest, data are encrypted using the AES-256 algorithm. This includes all backups. In transit between client devices and Procuret servers, data are encrypted using the Transport Layer Security (TLS) 1.2+ standard.

Access to encryption keys is tightly controlled.

Passphrases

All passphrases are hashed using the Argon2 algorithm and individually salted with 64 bits of random text. Procuret does not retain plain-text passphrases, and enforces secure passphrase content requirements.

Compartmentalisation

Inside Procuret, access to data is strictly controlled. Employees can only access subsets of data strictly required for their task. Applications may only act on data as an agent of a properly authenticated and authorised human being.

Network

Machines dealing with Procuret data do not have addresses on the public internet. Machines facing the public internet will not respond to any request from the internet other than HTTPS and ICMP. All HTTP requests are redirected to HTTPS with TLS 1.2+.