Our security measures include:
3FA: we have implemented 3FA (Three-Factor Authentication) which is mandatory for all users of the Exchange and their operations. In addition, we have ensured that our administrators are using 3FA and role-based security with granular permissions.
Encryption: all of the environments related to the Exchange where your personal data is stored and processed is protected with a minimum of 256 AES level encryption. The application components are hosted in private subnets and external communication is controlled through firewalls and white listing. Any personal data in transit is protected by TLS1.3 encryption. Hardened servers host the application software with only the necessary ports for internal communications enabled.
Penetration Testing: we have ongoing industry-leading third party penetration testing in place for the Exchange.
Multi-Layered Approach: the Exchange uses a multi-layered approach to cybersecurity and has built in security and privacy by design to ensure technical level security safeguards against cyber-attacks.
Security Audits: we conduct regular independent security audits and tests of the applications, IT infrastructure and related services which are required to provide the Exchange.
Security Standards: all of our systems are aligned with industry-leading standards such as ISO27001, ISO3000, ISO9000, PCI DSS, the General Data Protection Regulation (2016/679) and ISA3402E, among other compliance requirements.
Time-Locked Transfers: to provide additional security for users of the Exchange, we have included a 24 hour time-lock (delay) on all transfers of our Himalaya coins from one Ethereum address to another.
Policies and Response Plans: we have developed strong cybersecurity and incident response controls, policies and plans.
Training and Awareness: we allocate significant resources to training and awareness-raising across all of our employees in respect of personal security.
Have more questions? Submit a request