Governance

Microapps enforces policies and controls, monitors adherence to these controls, and demonstrates security and compliance to third-party auditors.

Our policies are grounded in the following core principles:

Least Privilege

Access is restricted to individuals with a legitimate business need, following the principle of least privilege.

Consistency

Security controls are consistently applied across all areas of the organization.

Defense in Depth

Security measures are layered and implemented according to the defense-in-depth principle.

Continuous Improvement

Controls are continuously improved to enhance effectiveness and reduce friction.

Data Protection

Data at Rest

All data stores are encrypted at rest, with sensitive collections and tables using row-level encryption.

Data in Transit

Microapp employs TLS 1.3 or higher for all data transmitted over potentially insecure networks.

Data Backup

Microapp backs up all production data using a point-in-time approach. Backups are retained for 30 days and are globally replicated to ensure resiliency against regional disasters.

Responsible Disclosure

If you think you have found a security vulnerability in Microapp, please refer to our Responsible Disclosure page.