Gradcut is dedicated to ensuring the security of our customers and their data. As a cloud-based company responsible for safeguarding valuable data, particularly your organisational knowledge, we focus on maintaining robust security measures. Gradcut conducts regular penetration testing and encrypts data both at rest and during transit. Our customers trust us with their sensitive information, and maintaining its security is our top priority.

Reliable and Secure Infrastructure & Applications

Gradcut services and data are hosted in AWS and Linode facilities. Access to customer data is limited to authorised employees who require it for their job. Gradcut is served 100% over https. We have SAML Single Sign-on (SSO), 2-factor authentication (2FA), and strong password policies on GitHub, AWS, and Linode to ensure access to cloud services is protected.

Encryption

All personal and identifying data sent to or from Gradcut is encrypted in transit using 256-bit encryption. We encrypt data at rest using an industry-standard AES-256 encryption algorithm.

Pentests and Vulnerability Scanning

Gradcut employs third-party security tools to perform continuous vulnerability scans. Our dedicated security team promptly addresses any issues identified. Additionally, we engage external security experts annually to conduct thorough penetration tests on the Gradcut application and infrastructure.

Incident Response

Gradcut implements escalation procedures, rapid mitigation, and post-mortem procedures for handling security events. All employees are informed of our policies.

Secure Delivery Portal

OTP

OTP (One-Time Password) authentication enhances security by requiring users to enter a unique password sent to them at the time of login, in addition to their regular login credentials. This ensures that only authorised users can access the system, providing an extra layer of protection against unauthorised access.

PCI Obligations

All payments made to Gradcut go through our partner, Stripe. Details about their security setup and PCI compliance can be found on Stripe’s security page.

Our Team is Committed to Security

Employee Vetting

We conduct background checks on all new hires in compliance with local regulations, including employment verification and criminal checks.

Training

Every year, all employees participate in mandatory Security and Awareness training.

Policies

We maintain an extensive set of security policies that cover various aspects of our operations. These policies are regularly reviewed and updated, and all employees are kept informed.

Confidentiality

All employee agreements contain a confidentiality clause to ensure the protection of sensitive information.

Shopping Basket