Mighty Security

Security is our top priority

We know that data security lies at the heart of our customers’ daily business operations, and we understand that our customers’ data is their business.

Behind Mighty’s modern, user-friendly interface is a secure, sophisticated infrastructure built to keep your proprietary information and files protected and confidential. Within the Mighty team, we’ve cultivated a culture of security and data privacy to guide our behaviors and customer interactions.

Architecture Overview: Security From Invaders

Mighty is designed with multiple layers of protection to ensure that malicious agents cannot access your data. Here are just a few of the most important technological features we use to keep your data secure:

Hosted on Amazon Web Services (AWS) on a Virtual Private Cloud (VPC)

AWS is the gold standard for cloud-computing and used by Conde Nast, Intuit, NASDAQ, Netflix, Pfizer, and SAP, among other Fortune 500 companies. The Virtual Private Cloud (VPC) is an isolated section of AWS reserved for your information, so your data is always walled off from the rest of the web.

Data encryption in-transit and at-rest

Communications between you and AWS servers are encrypted via industry standard HTTPS and 256 bit Transport Layer Security (TLS). Your data is encrypted both when it is “at-rest” on AWS servers, as well as when it is being transmitted between the servers and your machines.

Hash and salt passwords

We use a PBKDF2 password hasher to securely store users’ passwords on AWS. This is recommend by the National Institute of Standards and Technology (NIST). Attackers would require tens of millions of years of computing time to break our customers’ passwords with known technologies.

Operational Security: Mighty’s Culture of Security

The bedrock of the technology and legal controls we put in place to keep your data secure and private is Mighty’s culture of security. We instill the importance of security and best practices across our professional organization.

Secure personnel

New team members undergo background checks

Onboarding and recurring security training

Confidentiality, non-solicit, and non-compete agreements

Data handling policies

Destruction of digital data once no longer a business necessity

Mandated computer sleep / password protect that are changed every 2 months

Randomized password generators

Workplace protection

Proximity card reader devices are required to access Mighty’s floor

Floor locked on weekends and off-hours

CCTV video surveillance cameras at points of entry

Learn why both new and top PI lienholders choose Mighty to power their businesses