Security Policy
1. Data Protection Framework
Elliniki implements robust encryption using AES-256 for data-at-rest and TLS 1.3 for data-in-transit. Access to sensitive systems requires multi-factor authentication and regular security audits.
2. Security Architecture
- Real-time intrusion detection monitoring all endpoints
- Biweekly penetration testing by certified security professionals
- Zero-trust authentication for internal network access
- Role-based access control (RBAC) enforcement
- Automated vulnerability scanning of all services
3. Incident Response
We maintain a 24/7 security operations center (SOC) capable of:
- Immediate detection and containment of security threats
- Notification to affected parties within 24 hours
- Publishing detailed breach reports to stakeholders
- Free credit monitoring for impacted individuals
4. User Security Controls
You can manage your account security through:
- Password strength enforcement with complexity rules
- Optional hardware-based security key authentication
- Activity monitoring with login alerts
- Session management for active devices
5. Security Awareness
Elliniki conducts annual security training for employees and provides monthly security updates to users about emerging threats and best practices.
6. Reporting Security Issues
If you discover a potential security vulnerability, please contact our security team via security@elliniki.com with:
- Clear description of the issue
- Steps to reproduce
- Proof of concept (if applicable)