Security
Security is Our Top Priority
At New Range, safeguarding our customers' data is our utmost priority. This page provides an overview of our security practices designed to protect your information. If you have any questions or need more details, please reach out to us at security@newrange.com.
Security Practices at New Range
Dedicated Security Team
Our technical team consists of skilled experts dedicated to enhancing our security posture. They receive ongoing training in security incident response and are available 24/7 to address any potential issues.
Infrastructure
- Cloud Services: All New Range offerings operate in the cloud, utilizing Amazon Web Services (AWS) to ensure robust security and compliance with industry standards.
- Data Center Security: Our U.S.-based data center meets Tier IV, SOC 2, and ISO 27001 compliance standards. It is monitored 24/7 with comprehensive security measures, including guards, CCTV, and electronic access controls. It is also actively monitored for security breaches, power outages, HVAC issues, and temperature fluctuations.
Network-Level Security Monitoring and Protection
Our network architecture incorporates multiple security zones to prevent unauthorized access. Key features include:
- A virtual private cloud (VPC) with distinct subnets for public and private traffic.
- Separate VPCs for production and testing environments.
- Port-based restrictions for network traffic.
- An Intrusion Detection System (IDS) to monitor and alert on potential threats.
Data Encryption
- In Transit: All data exchanged with our infrastructure is encrypted in transit using Transport Layer Security (TLS) 1.2.
- At Rest: User data is encrypted in our databases with AES-256, and passwords are hashed using bcrypt and/or AES-256. We utilize AWS KMS for secure key management.
Business Continuity and Disaster Recovery
New Range maintains a comprehensive Business Continuity Policy (BCP) and Disaster Recovery Policy (DRP). We conduct annual tabletop exercises to prepare for various crisis scenarios, ensuring consistent operations. Our DRP is regularly updated and tested to guarantee quick restoration of services. We back up critical assets and store encrypted backups for 30 days, maintaining infrastructure configurations as code for rapid recovery.
Application Security Monitoring
We employ a robust application security monitoring solution that provides visibility into potential threats, enabling prompt responses to breaches. This includes monitoring exceptions, logs, and anomalies while maintaining a detailed audit trail.
Responsible Disclosure
We encourage compliance with our policies through our responsible disclosure program. Please avoid automated testing and conduct security assessments only with your own data. Report vulnerabilities to security@newrange.com, including proof of concept, and we will respond promptly.
User Protection
- Single Sign-On: We support SSO integration with providers like Microsoft, Google Workspace, and Apple.
- Account Takeover Protection: New Range actively monitors and blocks brute force attacks to safeguard user accounts.
- Access Control: Our role-based access control (RBAC) system allows users to define roles and permissions, while attribute-based access control (ABAC) provides granular permissions for specific needs.
Compliance
New Range is SOC 2 Type I & II and SOC 3 certified, demonstrating our commitment to high standards of data security through independent audits.
Employee Access
Our internal procedures restrict access to user data to only what is necessary. All access is tracked by our event-based system, monitored, and fully auditable, and access to critical systems requires dual sign-off. Employees sign a Non-Disclosure and Confidentiality Agreement upon joining and participate in annual security training.