Security
Security is foundational to everything we do
NightOps is built with security-first principles. We protect your cloud credentials and ensure safe, predictable operations.
Encrypted at Rest & Transit
All credentials and sensitive data are encrypted using AES-256. Communications use TLS 1.3.
Least Privilege Access
We request only the minimum permissions needed. You control exactly which resources we can manage.
Full Audit Logging
Every action is logged with timestamps and context. Export logs anytime for compliance.
No Agent Required
NightOps uses cloud provider APIs directly. No software to install in your environment.
How We Protect Your Cloud
Credential Management
- Credentials are encrypted using AES-256 and stored in isolated, access-controlled vaults
- We support role-based access via IAM roles, service accounts, and managed identities
- Credentials are never logged, displayed, or accessible to our team
Production Safeguards
- Tag-based protection prevents accidental scheduling of production resources
- Confirmation required for any schedule affecting resources without proper tags
- Built-in delay before operations execute, allowing time to cancel
Access Controls
- Role-based access control for team members
- SSO integration with your identity provider
- Session management and automatic timeout
Compliance
- SOC 2 Type II certification in progress
- GDPR compliant data handling
- Data residency options available for enterprise customers
Security Questions?
We're happy to discuss our security practices in detail. Contact our security team or request our security documentation.