Plugsky's security posture is built for enterprise: SOC 2 Type II, ISO 27001, customer-managed keys (BYOK), audit log export, and a public responsible disclosure program.
Certifications
- SOC 2 Type II — security, availability, confidentiality
- ISO 27001 — information security management
- ISO 27017 — cloud-specific controls
- ISO 27018 — PII protection
- HIPAA + BAA available
- FedRAMP Moderate (Q4 2026)
- GDPR + EU SCCs available
- PDPL (Saudi Arabia) compliant
Encryption
- At rest: AES-256 with envelope encryption (per-region KMS)
- In transit: TLS 1.3 only, HSTS preloaded
- Customer-managed keys (BYOK): AWS KMS, Azure Key Vault, HashiCorp Vault, on-prem HSM
- Per-request encryption: optional for highly regulated workloads
Access control
- SAML 2.0 / OIDC SSO on Enterprise
- SCIM provisioning on Enterprise
- RBAC with workspace, role, and resource-level permissions
- Per-key rate limits and quotas
- Audit log export to SIEM (Splunk, Sentinel, QRadar, Datadog)
Responsible disclosure
Send vulnerability reports to security@plugsky.com. A PGP key is available on request. We respond within 24 hours and credit researchers in our hall of fame.