Security at Double
We take security very seriously at Double and hold ourselves to strict standards when it comes to keeping your and your clients' data secure.
See below for a high level overview of how we handle security in our application or check out our Trust Center for a detailed breakdown.
If you have any questions or concerns about our practices, please email us immediately at ben.stein@doublehq.com.
Standards
Double is SOC 2, Type 2 Certified. Please contact your sales representative or CSM for more information and our accreditation report.
Data Storage and Transmission
All data in Double is fully encrypted at rest and in transit.
At rest:
All data on Double's servers is encrypted at rest with AES-256, block-level storage encryption (bank-grade encryption)
This includes documents and attachments uploaded to Double
In transit:
We employ TLS to ensure all passwords, documents, and financial information stay securely within Double
Passwords and Authentication
We use Google's Firebase for user auth management
They are certified under major privacy and security standards, including ISO 27001, SOC 1, SOC 2, and SOC 3
For more information on Firebase's security standards, please see this link
Double supports two factor authentication for both accountants and clients.
Privacy
We do not sell any user data or client financial information.
Backups
Double's servers are continuously backed up to minimize risk of data loss.