Tibr Tibr
Tibr

Security at TIBR

At TIBR, security is not an afterthought — it is the foundation of our platform. We know that contractors, service providers, and multi-location enterprises depend on us for accurate, timely, and confidential business information. Protecting that data is our top priority.

🔒 Infrastructure

  • Hosted on Amazon Web Services (AWS) — world-class physical security, compliance certifications (SOC 2, ISO 27001, HIPAA, GDPR), and global availability.
  • Serverless by design — Laravel Vapor on AWS Lambda, eliminating long‑lived servers and reducing the attack surface.
  • Private networking — PostgreSQL databases in private VPC subnets; never publicly exposed.

🔑 Data Protection

  • Encryption in transit — TLS 1.2+ with HSTS.
  • Encryption at rest — AES‑256 via AWS KMS for all data and backups.
  • Backups & recovery — automated encrypted backups with point‑in‑time recovery.

👥 Access & Authentication

  • Role-based access controls (RBAC) — least‑privilege access by default.
  • Multi‑factor authentication — available for additional account security.
  • Secure session management — HttpOnly, Secure, and SameSite cookies.

🛡️ Application Security

  • Built‑in protections — Laravel guards against XSS, CSRF, and SQL injection.
  • Rate limiting & abuse prevention — on login and API endpoints.
  • Audit logs & change history — accountability across quotes and approvals.

🌍 Compliance & Privacy

  • Data regions — UK/EU hosting options available for data residency requirements.
  • Data Processing Addendum (DPA) — available on request.
  • No data selling — we never sell or share customer data with third parties.

📊 Monitoring & Reliability

  • Continuous monitoring — via AWS CloudWatch and AWS WAF.
  • DDoS protection — AWS Shield.
  • Transparent uptime — see Status.
Commitment
We continuously review and improve our security practices to meet the expectations of contractors, service firms, and enterprise buyers. Questions about security or compliance? Contact security@tibr.ai.
For real-time uptime and incident reporting, visit our Status Page

We use essential cookies to make our site work. With your consent, we also use analytics and marketing cookies to improve your experience. You can manage your choices any time.