Nbase security

SOC 2

Nbase is SOC2 Type 2 compliant. This is an important security policy when handling sensitive customer data.

Enterprise and Teams customers can access our SOC2 report on the dashboard.

HIPAA

Nbase is HIPAA compliant. You can store Protected Health Information (PHI) on our hosted platform once you enter into a Business Associate Agreement (BAA) with us and fulfill your HIPAA obligations under our shared responsibility model.

Enterprise and Teams customers can request to sign our BAA on the dashboard.

Data Encryption

All customer data is encrypted at rest with AES-256 and in transit via TLS.

Sensitive information like access tokens and keys are encrypted at the application level before they are stored in the database.

Github security integration

If any Nbase API keys are pushed to GitHub, they are automatically revoked.

Role-based access control

Members of organizations in Nbase can be granted access to specific resources.

Backups

All paid customer databases are backed up every day.

Point in Time Recovery allows restoring the database to any point in time.

Payment processing

Supabase uses Stripe to process payments and does not store personal credit card information for any of our customers.

Vulnerability Management

Nbase works with industry experts to conduct regular penetration tests.