Security Questionnaire

Overview

This page provides answers to common security questions from prospective and existing customers. If you require a detailed security review or have additional questions, please contact our security team.

Authentication and Access Control

• Multi-factor authentication (MFA): Supported for all user accounts.
• Password policy: Minimum length and complexity requirements enforced.
• Role-based access control: Users are assigned roles that restrict access to authorised features and data only.
• Session management: Sessions expire after a period of inactivity.

Data Encryption

• In transit: All data is encrypted using TLS 1.2 or higher.
• At rest: Customer data is encrypted at rest using AES-256 encryption.

Infrastructure and Hosting

• Cloud provider: Hosted on SOC 2 and ISO 27001 certified infrastructure.
• Availability: Designed for high availability with redundancy across availability zones.
• Backups: Regular automated backups with tested recovery procedures.

Vulnerability Management

• Penetration testing: Conducted periodically by independent third parties.
• Dependency scanning: Automated scanning for known vulnerabilities in dependencies.
• Patch management: Critical security patches are applied promptly.

Incident Response

• Incident response plan: Documented and tested incident response procedures.
• Breach notification: Affected customers notified in accordance with applicable laws and contractual obligations.

Compliance and Certifications

• GDPR compliant
• SOC 2 Type II (infrastructure provider)
• Regular third-party security assessments

Requesting a Full Questionnaire

If you need a completed CAIQ, SIG, or custom security questionnaire, please contact us at security@dentaldash.com.

Contact

For security enquiries, reach out to security@dentaldash.com.