Security

Operational summary of security practices for the public website and service.

1. Website security

• The website is intended to be served over HTTPS with a valid certificate.
• The public site is designed to be readable and direct, without unnecessary redirects or obstructive popups.

2. Access control

• Access to internal systems and data is intended to be restricted according to business need.
• Least-privilege practices are used where applicable.
• Secrets and credentials should be handled through controlled storage and restricted access workflows.

3. Data protection

• Data in transit is intended to be protected with encryption.
• Where data is stored, encryption-at-rest and logical segregation are intended to be used where appropriate.
• Operational monitoring and logging may be used to support reliability and incident review.

4. Human control over automation

Where the service provides automation or recommended actions, the customer remains responsible for reviewing and controlling how the service is used in their business context.

5. Incident reporting

If you suspect a security issue involving the service, contact support@margynx.com.