Data and systems security notice

Personal computer security

Communications between your computer and 1000minds are always encrypted.

Keeping your data secure also depends on you maintaining the security of your account by using a sufficiently complicated password and storing it safely. You should also ensure that you have sufficient security on your computers.

If you have a Microsoft account or a Google account, we recommend you use this to log in so that you don’t have to set up and remember a separate password for 1000minds.

Operating environment and application security

1000minds is software-as-a-service running on Microsoft Azure. Microsoft Azure meets a broad set of international and industry-specific compliance standards, such as ISO 27001, HIPAA, FedRAMP, SOC 1 and SOC 2, as well as country-specific standards including Australia IRAP and UK G-Cloud.

When you sign up, you may choose to have your data stored in either the US or in Europe. If you wish, you can create an account in both regions; note that the regions operate independently and data cannot be transferred between them.

Data is encrypted both in transit and at rest, and encrypted backups are stored geo-redundantly. Our software engineers use best practices and industry-standard secure coding guidelines. Third-party white-box penetration tests are used to evaluate and improve the security of our applications and environment.

On request, 1000minds can be configured to require single sign-on (SSO) via Microsoft Entra login or Google Workspace login for all of the customer’s users.

Our logs record your use of 1000minds for security, troubleshooting and internal audit purposes. These logs are also stored and processed securely.

1000minds does not use equipment, systems or services provided by companies precluded by section 889 of the US National Defense Authorization Act of 2019.

Confidentiality agreements

You can trust us to keep your data confidential. If you wish, we’re happy to enter into a contractual agreement to guarantee the confidentiality of your information on 1000minds.

1000minds has a responsible disclosure policy.