> For the complete documentation index, see [llms.txt](https://docs.middle.app/middle-docs/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.middle.app/middle-docs/introduction/security.md). # Security ## Policies We have the following security policies in place and can make them available upon request: Acceptable Use, Asset Management, Backup, Business Continuity Plan, Change Management, Code of Conduct, Cryptography, Data Classification, Data Deletion, Data Protection, Disaster Recovery Plan, Incident Response Plan, Information Security, Password, Physical Security, Responsible Disclosure, Risk Assessment, System Access Control, Vendor Management, and Vulnerability Management. ## Cloud security Middle is hosted on Amazon Web Services (AWS). More information on their security can be found on the [AWS Security website](https://aws.amazon.com/security/). We take the following security steps on AWS: * Data is encrypted at rest. It is also encrypted in transit with TLS/SSL. * Every customer’s data is stored on its own database instance separate from other customers’ data. ## Product security * Passwords must be a minimum of eight characters and passwords on the Pwned password list cannot be used to create an account. * Middle monitors sessions by IP address and time. * Access can be granted at the account or sub-account level. ## Middle employees All employees undergo a complete background check and sign an Employee Invention Assignment and Confidentiality Agreement when they join the company. We also track that all employees do the following: * Review and accept security policies * Complete security training ## Government Middle complies with CCPA and GDPR. Requests to review, correct, update, suppress, or delete personal information that Middle maintains about a person can be sent to . ## Certifications Middle is working towards SOC2 certification. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.middle.app/middle-docs/introduction/security.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.