Monita Trust and Security

Monita is an ISO 27001 certified platform that allows companies to monitor data and ensure it meets their data quality, governance and compliance requirements. Monita accepts data in two ways: it can either be pushed to us or we can pull it.

When data is pushed, it is streamed to Monita's secure HTTPS API endpoint. When data is pulled, users initiate the process by providing secure authentication credentials, which give Monita's service the ability to securely pull the data from the system or database (e.g. Google BigQuery) according to the rights provided to it. Any data that is observed or moved is encrypted in flight and at rest.

Monita is a cloud-hosted SaaS application, which means that we take care of scaling, reliability and security to make it much easier to observe data.

This document is an overview of how we provide best-in-industry security. We'll cover three major areas in the data lifecycle:

- Product Security: how we ensure only you can see your own data
- Network and Application Security: how we ensure your data is protected when it is in our cloud
- Ongoing Operations: how we remain good stewards of security best practices

Product Security

Account Registration

  1. SSO: All access and sign-ins to Monita are conducted via an SSO provider: GSuite. We can work with your IT team to integrate with your provider of choice. We do not store customer passwords.
  2. Credential Storage: We encrypt sensitive customer data (e.g. secrets, authentication tokens) at rest with AES-256 as described in Google's documentation.
  3. Permissions and Role-Based Access Control: Our permission levels inherit from the permissions you have assigned in the systems you integrate Monita with.

    Only users with admin access are able to view the data, create observability rules, create integrations and delete integrations. Users are unable to delete any warehoused data via Monita. Any access to warehoused data is managed purely by the IAM controls of the data warehouse.

Network and Application Security

  1. Data Hosting: Our physical infrastructure is hosted and managed within Google Cloud Platform (GCP) using their secure data centers. Monita leverages many of the platform's built-in security, privacy, and redundancy features. GCP continually monitors its data centers for risk and undergoes assessments to ensure compliance with industry standards. GCP's data centers have numerous accreditations, including ISO-27001, SOC 1 and SOC 2.
  2. Virtual Private Cloud: All of our servers are within a virtual private cloud (VPC) with firewalls and network access control lists (ACLs) to allow external access to a select few API endpoints; all other internal services are only accessible within the VPC.
  3. Encryption: All Monita apps are served entirely over HTTPS. All data sent to or from Monita over the public internet is encrypted in transit using 256-bit encryption. Our API and application endpoints are TLS only (v1.2). We use only strong cipher suites and HTTP Strict Transport Security (HSTS) to ensure browsers interact with Monita apps over HTTPS. We also encrypt data at rest using AES-256.
  4. Permissions and Authentication: Access to customer data is limited to authorised employees who require it for their job. We run a zero-trust corporate network, so there are no corporate resources or additional privileges gained from being on Monita's internal network. We utilise single sign-on, 2-factor authentication (2FA), and enforce strong password policies to ensure access to all cloud-related services is protected.
  5. Incident Response: We have an internal protocol for handling security events which includes escalation procedures, rapid mitigation, and documented post-mortems. We notify customers promptly and publicise security advisories at status.getmonita.io.
  6. Penetration Testing: Monita uses third-party security tools to scan for vulnerabilities on a regular basis. Our security partners conduct periodic, intensive penetration tests on the Monita platform. Our product development team immediately responds to any identified issues or potential vulnerabilities to ensure the quality and security of Monita applications.

Security and Compliance Programs

Certifications

  1. ISO-27001: Monita is an ISO/IEC 27001:2022 certified platform that allows companies to monitor data and ensure it meets their data quality, governance and compliance requirements. If you would like to learn more, please reach out to support@getmonita.io to get the details of our current information security measures.

People

  1. Background Checks: All Monita employees go through a thorough background check before hiring.
  2. Training: We take a least-privilege approach to the access and handling of data. While we retain a minimal amount of customer data and limit internal access on a need-to-know basis, all employees are required to review related security policies and are trained on proper data handling to ensure they uphold our strict commitment to the privacy and security of your data.
  3. Confidentiality: All employees sign a confidentiality agreement before they start at Monita.

Vulnerability Control

  1. Vulnerability Management: We keep our systems up-to-date with the latest security patches and continuously monitor for new vulnerabilities through compliance and security mailing lists. This includes automatic scanning of our code repositories for vulnerable dependencies.
