Security is built into every layer of InEdge Cloud — from physical infrastructure to application runtime. We follow industry best practices so you can focus on building, not worrying.
All infrastructure runs on dedicated bare-metal servers in Tier III+ data centers in India. Physical access is restricted with biometric authentication, 24/7 surveillance, and multi-layered perimeter security.
Servers are provisioned with hardened operating systems, automated patch management, and host-based intrusion detection systems.
All data in transit is encrypted using TLS 1.2 or higher. All data at rest is encrypted using AES-256 encryption, including databases, object storage, and backups.
TLS certificates are automatically provisioned and rotated for all customer domains. Internal service-to-service communication uses mutual TLS (mTLS).
Each tenant's workloads run in isolated Kubernetes namespaces with strict network policies. No cross-tenant network traffic is possible by default. Pod-to-pod communication is restricted to explicitly defined service meshes.
DDoS protection, WAF, and rate limiting are applied at the edge layer for all deployments.
Authentication supports OAuth 2.0 (GitHub, Google, GitLab), SSO via SAML 2.0, and email/password with enforced strong password policies. Multi-factor authentication (MFA) is available for all accounts.
Role-based access control (RBAC) allows fine-grained permissions for team members at the organization, project, and resource level.
Our infrastructure is monitored 24/7 with automated alerting for anomalous activity. We use centralized logging (immutable audit logs), real-time metrics, and distributed tracing across all services.
We maintain a documented incident response plan with defined severity levels, escalation procedures, and post-incident review processes.
All customer data is stored exclusively on infrastructure located in India, ensuring compliance with the Digital Personal Data Protection Act (DPDPA), 2023 and applicable data residency requirements.
We are pursuing SOC 2 Type II certification and conduct regular third-party security assessments and penetration testing.
All code changes undergo peer review. We use static analysis, dependency scanning, and container image scanning in our CI/CD pipeline. Critical changes require approval from security-trained reviewers.
Managed databases include automated daily backups with point-in-time recovery. Backups are encrypted and stored in a geographically separate facility within India. We maintain tested disaster recovery procedures with defined recovery time objectives (RTOs).
We operate a continuous vulnerability scanning program across our infrastructure and application layers. Critical vulnerabilities are remediated within 24 hours. We welcome responsible security disclosures at security@inedge.ai.
All team members undergo background checks and sign confidentiality agreements. Access to production systems follows the principle of least privilege and is reviewed quarterly. Security awareness training is mandatory for all employees.
We take security reports seriously. If you've discovered a security issue, please disclose it responsibly.