Security at Mesh
Mesh provides a trusted, secure, and audited solution backed by a team that has decades of experience in providing secure, highly available solutions to customers. We use a combination of operational, application, and infrastructure-level security controls to ensure the security of client and end-user data.
Mesh is SOC 2 Type II certified, and as such undergoes regular audits and penetration testing with third-party security firms.
Mesh has implemented a robust security program designed to provide a trustworthy platform for connecting exchanges, wallets, and payment service providers. Our approach is proactive, adaptive, and built on industry best practices to safeguard data and transactions at every stage.
Zero Trust, Least Privilege Access
Mesh leverages highly available, scalable, and stable infrastructure that is protected by various layers of defense. We have employed zero trust and least privilege principles in our security architecture to enforce separation of duties and provide segregation of our environments. Access rights are reviewed regularly, multi-factor authentication is enforced for all administrative accounts, and idle sessions are automatically terminated to reduce the risk of unauthorized access. Additionally, we actively monitor for malicious network traffic and anomalous system behavior.
Encryption at rest and in transit
Mesh employs strong encryption algorithms to protect data at rest and in transit. We are committed to using robust encryption algorithms for protecting data at rest, protecting encryption keys, and ensuring the secure exchange of data. Encryption algorithm choices are specifically configured to provide industry-standard or better levels of protection.
Security by design principles
Mesh follows a security by design approach, where security considerations are integrated into the initial planning and design phases of our products and addressed throughout the Secure Development Lifecycle. This ensures that security is not an afterthought but a core component of our product architecture. We have implemented automated and manual security reviews, checks and testing, ensuring that security is a continuous process.
Regular penetration testing by a trusted third party
We employ reputable third parties to conduct comprehensive penetration testing against our products prior to release and on an ongoing basis. We also maintain an ongoing program of external tests, internal vulnerability management, and configuration audits to ensure continuous security coverage and rapid remediation of identified issues. Our intention is to simulate real-world attacks to identify and fix potential vulnerabilities, ensuring our products remain resilient against attacks.
End-user data
End-user PII may be temporarily handled when required to facilitate a transaction, but is not stored long term.
Mesh may store non-PII such as balances and portfolio holdings to improve the end-user experience, and all data is encrypted at rest and in transit.