Data encrypted in transit
We use TLS 1.2+ for external connections and TLS 1.3 with mutual TLS for internal connections. Our PKI, backed by Google Cloud Certificate Authority Service, ensures high availability and scalability.
Data encrypted at rest
Our encryption, backed by Google Cloud Key Management Service, uses AES-256-GCM and FIPS 140-2 Level 1 compliant cryptographic modules.
Vulnerability management
We use tools like GitHub and Vanta to scan for vulnerabilities, and regularly scrutinize our software with static analysis security tools.
Customer-level encryption
We use dedicated, single-tenant keys to separate customer data, log access to encryption keys, and encrypt sensitive information at the application level before storage.
Reliability
Friday infrastructure is cloud-native, built on Google Cloud for maximum resilience, ensuring 24/7/365 uptime.
SOC 2 Type 2
We are SOC 2 Type 2 certified and implement the following controls: identity and access management, multi-factor authentication, security monitoring, access restrictions, availability, and privacy.
Database isolation
Tenant data isolation is enforced at both the application and database layers, providing defense-in-depth protection.
Supply chain security
We continuously scan and update dependencies across all components, with automated security checks on every code change.
Auditable deployments
All infrastructure changes are version-controlled and deployed through automated pipelines with full audit trails.
Infrastructure hardening
We enforce strict workload security standards and network segmentation policies, limiting the blast radius of potential compromises.

