Our customers trust us to keep their data secure and it’s a responsibility we take seriously. Our security-minded approach is reflected in how we design our product, policies, and procedures.
We combine best practices in system architecture and internal processes to keep your data safe.
Metronome enforces strict authentication and authorization throughout the system, even between internal services within the network perimeter.
System access is always limited to the minimum required level. This applies to both employee access for support purposes and internal communication between systems.
Metronome encrypts your data in transit and at rest. We use modern cryptographic algorithms like AES256-GCM and follow key management best practices with strict user access control.
We conduct extensive security-design reviews and regular penetration tests. All Metronome employees and contractors attend mandatory annual information security training.
Customers can centrally manage their access to Metronome using single sign-on (SSO). Metronome data is immutable, and actions are recorded in an audit log.
Our cloud providers comply with industry-leading security practices and frameworks, including SOC 2, ISO 27001, and PCI DSS.
Trust and security are core to our commitment to our customers. Our enterprise-grade security features and comprehensive audits ensure we're aligned to industry best practices.
Metronome has security and reliability built in, which gives us a lot of confidence in using them as our billing system.