Security Policy

Oh/Jo Tech employs industry-standard security measures:

• Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• Authentication: Multi-factor authentication available for all accounts
• Access Control: Role-based access control for facility operators
• Monitoring: 24/7 security monitoring and anomaly detection

Our infrastructure is hosted on enterprise-grade cloud providers with:

• SOC 2 Type II certified data centers
• Geographic redundancy and disaster recovery
• Regular security audits and penetration testing
• Automated vulnerability scanning

We protect your data through:

1. 1Regular automated backups with encryption
2. 2Strict data access policies for employees
3. 3Data minimization practices
4. 4Secure data deletion upon account termination

In the event of a security incident:

• We will notify affected users within 72 hours
• We will provide details about what data was affected
• We will outline steps being taken to address the issue
• We will offer support and guidance for affected users

If you discover a security vulnerability, please report it to security@ohjotech.com. We appreciate responsible disclosure and will acknowledge your report within 24 hours.