Mighty Security

Mighty provides core software and services legal and medical funding companies need to efficiently run and grow their businesses. We know that data security lies at the heart of our customers’ daily business operations, and we understand that our customers’ data is their business.
Behind Mighty’s modern, user-friendly interface is a secure, sophisticated infrastructure built to keep your proprietary information and files protected and confidential. Within the Mighty team, we’ve cultivated a culture of security and data privacy to guide our behaviors and customer interactions.

Your Data is Your Data

First and foremost: your data is your data.

Funders on Mighty’s platform only have access to their siloed instance of the application and the corresponding data. Furthermore, we provide our customers with the highest standards of data portability, data deletion, and access to continuous data backup.

Architecture Overview: Security From Invaders

Mighty is designed with multiple layers of protection to ensure that malicious agents cannot access your data. Here are just a few of the most important technological features we use to keep your data secure:

Hosted on Amazon Web Services (AWS) on a Virtual Private Cloud (VPC)

AWS is the gold standard for cloud-computing and used by Conde Nast, Intuit, NASDAQ, Netflix, Pfizer, and SAP, among other Fortune 500 companies. The Virtual Private Cloud (VPC) is an isolated section of AWS reserved for your information, so your data is always walled off from the rest of the web.

Data encryption in-transit and at-rest

Communications between you and
AWS servers are encrypted via industry standard HTTPS and 256 bit Transport Layer Security (TLS). Your data is encrypted both when it is “at-rest” on AWS servers, as well as when it is being transmitted between the servers and your machines.

Hash and salt passwords

We use a PBKDF2 password hasher to securely store users’ passwords on AWS. This is recommend by the National Institute of Standards and Technology (NIST). Attackers would require tens of millions of years of computing time to break our customers’ passwords with known technologies.

Operational Security: Mighty’s Culture of Security

The bedrock of the technology and legal controls we put in place to keep your data secure and private is Mighty’s culture of security. We instill the importance of security and best practices across our professional organization.

Secure personnel

  • New team members undergo background checks
  • Onboarding and recurring security training
  • Confidentiality, non-solicit, and non-compete agreements

Data handling policies

  • Destruction of digital data once no longer a business necessity
  • Mandated computer sleep/password protect that are changed every 2 months
  • Randomized password generators

Managed physical access

  • Proximity card reader devices are required to access Mighty’s floor
  • Floor locked on weekends and off-hours
  • CCTV video surveillance cameras at points of entry

See for yourself how Mighty helps funders get fueled for growth

Get Demo