Security at Nhost

SOC 2 Type II (coming soon)

Nhost is working towards SOC 2 Type II compliance, a comprehensive audit that verifies our security controls and data handling practices meet industry standards. Once certified, Team & Enterprise customers will have access to our SOC 2 report directly through the dashboard.

HIPAA (coming soon)

Nhost is working towards HIPAA compliance. Team & Enterprise customers will be able to store Protected Health Information (PHI) on our hosted platform once we complete the audit.

AWS Cloud Infrastructure

Nhost is hosted on AWS, a leading cloud provider with a strong track record of security and reliability.

Encryption at Rest

All data is encrypted at rest with AES-256. This includes databases, storage files, and run services volumes.

Encryption in Transit

All data is encrypted in transit with TLS.

Payments Processing

Nhost uses Stripe to process payments and does not store any billing information from our customers.

Backups

All paid databases are backed up daily and stored in a secure location.

Dependency Scanning

We perform regular dependency scans to ensure our platform is secure.

Logging and Monitoring

We actively monitor and log all activity on the platform to ensure security and detect anomalies.

Incident Response

We have a documented incident response plan in place to ensure we can respond to security incidents quickly and effectively.