Security Policy
Last Updated: April 2, 2025
At Doreximarus, we are committed to protecting the security of your information and maintaining the integrity of our platform. This Security Policy outlines the measures we implement to safeguard your data and our systems.
1. Information Security Framework
We maintain a comprehensive information security program designed to protect against unauthorized access, disclosure, alteration, and destruction of data. Our security framework is built on industry-standard practices and continuously evolves to address emerging threats.
1.1 Security Standards
Our security practices align with recognized industry standards and best practices. We regularly review and update our security controls to ensure they remain effective against current threat landscapes.
1.2 Risk Assessment
We conduct regular risk assessments to identify potential vulnerabilities and implement appropriate countermeasures. These assessments inform our security roadmap and prioritization of protective measures.
2. Data Protection Measures
2.1 Encryption
We employ encryption technologies to protect data both in transit and at rest:
- All data transmitted between your browser and our servers is encrypted using industry-standard TLS protocols
- Sensitive data stored in our databases is encrypted using strong encryption algorithms
- Encryption keys are managed securely and rotated regularly
- We use secure communication protocols for all internal data transfers
2.2 Access Controls
We implement strict access control measures to ensure that only authorized personnel can access systems and data:
- Role-based access control limiting access based on job function
- Multi-factor authentication for system access
- Regular access reviews and privilege audits
- Immediate revocation of access upon termination of employment
- Principle of least privilege ensuring minimal necessary access
2.3 Data Segmentation
We maintain logical separation of customer data and implement network segmentation to limit the potential impact of any security incident.
3. Infrastructure Security
3.1 Network Security
Our network infrastructure includes multiple layers of protection:
- Firewalls and intrusion detection systems monitoring network traffic
- Regular security patches and updates to network devices
- Network segmentation isolating critical systems
- DDoS protection and traffic filtering
- Continuous network monitoring and logging
3.2 Server Security
We maintain secure server environments through:
- Hardened server configurations following security best practices
- Regular security updates and patch management
- Automated vulnerability scanning
- Secure baseline configurations for all systems
- Physical security controls at data center facilities
3.3 Cloud Security
When utilizing cloud services, we ensure our providers maintain appropriate security certifications and implement controls consistent with our security standards.
4. Application Security
4.1 Secure Development
We follow secure coding practices throughout our development lifecycle:
- Security training for all development team members
- Code reviews focusing on security implications
- Static and dynamic application security testing
- Dependency scanning for vulnerable third-party libraries
- Security testing before production deployment
4.2 Vulnerability Management
We maintain an active vulnerability management program:
- Regular vulnerability assessments and penetration testing
- Responsible disclosure program for security researchers
- Prioritized remediation based on risk severity
- Tracking and verification of vulnerability fixes
5. Authentication and Password Security
5.1 Password Requirements
We enforce strong password policies to protect account security:
- Minimum password length and complexity requirements
- Passwords protected using industry-standard hashing algorithms
- Protection against brute force attacks through rate limiting
- Secure password reset mechanisms
5.2 Multi-Factor Authentication
We offer multi-factor authentication options to add an additional layer of security to your account. We strongly recommend enabling this feature for enhanced protection.
6. Monitoring and Incident Response
6.1 Security Monitoring
We maintain continuous security monitoring capabilities:
- Real-time monitoring of systems and applications
- Automated alerting for suspicious activities
- Comprehensive logging and log analysis
- Security information and event management systems
6.2 Incident Response
We have established incident response procedures to address security events:
- Dedicated incident response team
- Documented incident response plans and procedures
- Regular incident response drills and testing
- Communication protocols for affected parties
- Post-incident analysis and remediation
6.3 Breach Notification
In the event of a data breach that affects your information, we will notify you in accordance with applicable legal requirements and provide information about the incident and steps you can take to protect yourself.
7. Employee Security
7.1 Background Checks
We conduct appropriate background checks on employees with access to sensitive systems and data, in accordance with applicable laws.
7.2 Security Training
All employees receive security awareness training:
- Initial security training during onboarding
- Regular security awareness updates
- Phishing simulation exercises
- Role-specific security training for technical staff
7.3 Confidentiality Obligations
All employees and contractors sign confidentiality agreements and are bound by policies regarding the protection of customer information.
8. Third-Party Security
8.1 Vendor Assessment
We evaluate the security practices of third-party service providers who process or have access to customer data:
- Security assessments before vendor engagement
- Contractual security requirements
- Periodic review of vendor security practices
- Requirement for vendors to notify us of security incidents
8.2 Data Processing Agreements
We maintain appropriate data processing agreements with third parties who handle customer data on our behalf, ensuring they implement adequate security measures.
9. Business Continuity and Disaster Recovery
9.1 Backup Procedures
We maintain regular backup procedures to ensure data availability:
- Automated daily backups of critical data
- Encrypted backup storage
- Geographically distributed backup locations
- Regular backup restoration testing
9.2 Business Continuity Planning
We maintain business continuity and disaster recovery plans to ensure service availability in the event of disruptions. These plans are tested regularly and updated as needed.
10. Physical Security
Our offices and data centers implement physical security controls including:
- Controlled access to facilities
- Video surveillance systems
- Visitor management procedures
- Secure disposal of physical media containing sensitive information
11. Compliance and Audits
11.1 Security Audits
We conduct regular internal security audits and engage third-party security firms to perform independent assessments of our security controls.
11.2 Compliance Programs
We maintain compliance programs aligned with applicable security standards and regulations relevant to our services.
12. Your Security Responsibilities
While we implement robust security measures, account security also depends on your actions:
- Choose strong, unique passwords for your account
- Enable multi-factor authentication when available
- Keep your login credentials confidential
- Log out of your account when using shared devices
- Keep your contact information current for security notifications
- Report suspicious activity or security concerns immediately
- Ensure your own devices and networks are secure
13. Reporting Security Vulnerabilities
We welcome reports of potential security vulnerabilities from security researchers and users. If you discover a security issue, please report it to us at:
Email: help@doreximarus.com
Please include detailed information about the vulnerability to help us assess and address it promptly. We request that you:
- Provide sufficient detail to reproduce the issue
- Avoid accessing or modifying data that does not belong to you
- Do not disclose the vulnerability publicly until we have addressed it
- Act in good faith to avoid privacy violations and service disruptions
We are committed to working with security researchers to verify and address reported vulnerabilities in a timely manner.
14. Security Updates and Communications
We may communicate with you regarding security matters through:
- Email notifications to your registered email address
- In-platform notifications
- Updates to this Security Policy
- Public security advisories when appropriate
15. Limitations
While we implement comprehensive security measures, no system can be completely secure. We cannot guarantee absolute security and are not responsible for unauthorized access resulting from:
- Your failure to protect your login credentials
- Vulnerabilities in your own systems or networks
- Social engineering attacks targeting you directly
- Actions of third parties beyond our control
16. Updates to This Policy
We may update this Security Policy periodically to reflect changes in our security practices, technologies, or legal requirements. We will post the updated policy on our website with a revised date. Continued use of our services after changes constitutes acceptance of the updated policy.
17. Contact Information
If you have questions, concerns, or requests regarding our security practices, please contact us:
Email: help@doreximarus.com
Website: doreximarus.com
We take security seriously and are committed to maintaining the trust you place in us by protecting your information and our platform.