Security

Enterprise-grade protection for your sensitive data

๐Ÿ›ก๏ธ Security is not a featureโ€”it’s our foundation. ClaimArmor is built from the ground up with enterprise-grade security to protect the sensitive insurance data you trust us with.

Data Encryption

In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.3 with 256-bit AES encryption. We enforce HTTPS on all connections with HSTS headers.

At Rest: All stored data is encrypted using AES-256 encryption. Encryption keys are managed through a secure key management system with regular rotation.

Infrastructure Security

  • US-Based Data Centers: All data is stored exclusively in SOC 2 Type II certified data centers located in the United States
  • Network Security: Multi-layer firewall protection, intrusion detection systems, and DDoS mitigation
  • Redundancy: Geographically distributed backups with 99.9% uptime guarantee
  • Access Control: Strict physical and logical access controls with audit logging

Application Security

  • Authentication: Secure password hashing (bcrypt), mandatory two-factor authentication (TOTP), and session management
  • Session Security: Automatic session timeout, single-session enforcement, and IP/device binding
  • Input Validation: Comprehensive input sanitization and parameterized queries to prevent injection attacks
  • Security Headers: CSP, X-Frame-Options, X-Content-Type-Options, and other protective headers

Access Controls

  • Role-Based Access: Granular permission system ensuring users only access what they need
  • Audit Logging: Comprehensive logging of all system access and actions
  • Admin Security: Enhanced security requirements for administrative access
  • API Security: JWT tokens with HMAC signatures for all API communications

Compliance & Certifications

  • SOC 2 Type II: Compliant Infrastructure
  • CCPA: California Privacy Compliant
  • GDPR Ready: EU Data Protection
  • US Data Only: No Offshore Processing

Monitoring & Response

  • 24/7 Monitoring: Continuous security monitoring and alerting
  • Incident Response: Documented incident response procedures with defined escalation paths
  • Vulnerability Management: Regular security assessments and prompt patching
  • Breach Notification: Commitment to notify affected users within 72 hours of confirmed breaches

Responsible Disclosure

We welcome security researchers to report vulnerabilities responsibly. If you discover a security issue, please email security@claimarmorai.com with details. We commit to:

  • Acknowledge receipt within 24 hours
  • Provide regular updates on remediation progress
  • Not pursue legal action against good-faith researchers
  • Credit researchers (if desired) after fixes are deployed

Contact Security Team

For security concerns or questions:
Email: security@claimarmorai.com
Response Time: Critical issues within 4 hours, standard inquiries within 24 hours