This Security Policy outlines the commitment of **Aura Spire** ("we", "us", or "our") to protect the confidentiality, integrity, and availability of information and systems used to deliver our services (including WordPress, Wix, SEO, and Virtual Assistant services).
We view data security as a core component of our service and continuously work to implement industry best practices to safeguard your information.
1. Data Security Measures
We employ several layers of protection to ensure your data remains secure:
1.1. Encryption in Transit and at Rest
- All data transmitted between your browser and our servers is secured using **SSL/TLS encryption (HTTPS)**.
- Sensitive customer data stored on our systems (data at rest) is encrypted where appropriate.
1.2. Access Control and Authentication
- Access to sensitive data is strictly limited to authorized personnel who require it to perform their duties.
- We utilize strong **password policies** and **Multi-Factor Authentication (MFA)** for all administrative access points.
1.3. Secure Development Practices
For all custom code, WordPress, and Wix development projects, we adhere to secure coding standards and conduct regular security testing to mitigate common vulnerabilities (e.g., OWASP Top 10).
2. Infrastructure and Network Security
Our hosting environment implements comprehensive network protection:
- **Firewalls and Intrusion Detection:** We use enterprise-grade firewalls and intrusion detection systems to monitor and block malicious traffic.
- **Regular Monitoring:** Systems and network activity are continuously monitored for unusual or suspicious behavior.
3. Data Backup and Recovery
To ensure data availability and integrity, we implement robust backup procedures:
- Data is backed up **frequently** and stored securely off-site.
- We maintain a tested disaster recovery plan to quickly restore services in the event of a major incident.
4. Incident Response
In the unlikely event of a security breach, we are prepared to act quickly:
- We have an established **Incident Response Plan** to contain, eradicate, and recover from security incidents.
- Affected users will be notified in accordance with legal and regulatory requirements, including GDPR.
5. Your Role in Security
While we handle system security, your cooperation is essential:
- Use **strong, unique passwords** for any account you create with our services.
- Keep your login credentials confidential and notify us immediately if you suspect unauthorized access.
6. Contact Us for Security Concerns
If you discover a security vulnerability or have questions about our security practices, please contact our security team immediately:
This policy is subject to change as technology and best practices evolve. We commit to updating this page to reflect changes in our security controls.