Security Policy
Our commitment to data security in laboratory environments.
Encryption
All data transmitted between clients and Yashara platforms is encrypted using TLS 1.3. Data at rest is encrypted using AES-256. Encryption keys are managed through a dedicated key management service with rotation schedules aligned to NIST guidelines.
Access Controls
All Yashara platforms implement role-based access control (RBAC) with principle of least privilege. Multi-factor authentication is available on all platforms and mandatory for administrative accounts.
Vulnerability Disclosure
We operate a coordinated vulnerability disclosure program. If you believe you have identified a security vulnerability in a Yashara platform, please contact security@yashara.us. We commit to acknowledging disclosure reports within 24 hours and providing a remediation timeline within five business days.
Infrastructure
Yashara infrastructure is hosted on SOC 2 Type II certified cloud providers. We conduct annual third-party penetration tests and maintain a continuous monitoring program for our production environments.
Incident Response
In the event of a security incident affecting customer data, we will notify affected customers within 72 hours of confirmed discovery, consistent with applicable data protection regulations.