Last updated: January 24, 2026

Security

How we protect your properties, payments, and personal information.

SOC 2 Type II

Compliant

PCI DSS

Level 1

Data Encryption

AES-256

Uptime

99.9% SLA

Our Security Commitment

Security is foundational to everything we do at Varden Homes. We handle sensitive financial transactions and personal information, and we take that responsibility seriously. Our security program is designed to protect your data at every layer.

Data Encryption

In Transit

All data transmitted to and from Varden Homes is encrypted using TLS 1.3 with strong cipher suites. We enforce HTTPS for all connections and use HTTP Strict Transport Security (HSTS) to prevent downgrade attacks.

At Rest

All stored data is encrypted using AES-256 encryption. This includes:

Database contents
File uploads and documents
Backups and archives
Logs and audit trails

Sensitive Data

Particularly sensitive information receives additional protection:

Social Security Numbers are encrypted with dedicated keys and access-controlled
Bank account details are tokenized through Stripe and never stored on our servers
Passwords are hashed using bcrypt with appropriate cost factors

Payment Security

Payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. This means:

Credit card numbers never touch our servers
Bank account information is tokenized and secured by Stripe
All payment pages are served over secure connections
Stripe monitors transactions for fraud 24/7

We implement additional fraud prevention measures including:

Velocity checks on payment attempts
Identity verification for new accounts receiving payouts
Automated monitoring for suspicious activity
Bank account ownership verification

Access Control

User Authentication

Strong password requirements (minimum 12 characters)
Two-factor authentication (2FA) available for all accounts
2FA required for accounts with payout access
Session timeout after inactivity
Secure session management with rotating tokens

Employee Access

Principle of least privilege for all employee access
Role-based access control (RBAC)
All access logged and audited
Background checks for employees with data access
Regular access reviews and revocation

Infrastructure Security

Cloud Infrastructure

Varden Homes is hosted on enterprise-grade cloud infrastructure with:

SOC 2 Type II certified data centers
Geographic redundancy across multiple availability zones
Automated failover and disaster recovery
24/7 infrastructure monitoring
Regular penetration testing and vulnerability assessments

Network Security

Web Application Firewall (WAF) protection
DDoS mitigation
Intrusion detection and prevention systems
Network segmentation and isolation
Regular security scanning

Application Security

Secure development lifecycle (SDLC) practices
Code review requirements for all changes
Automated security scanning in CI/CD pipeline
Regular third-party security assessments
Dependency vulnerability monitoring
OWASP Top 10 protections

Compliance

Varden Homes maintains compliance with relevant security and privacy standards:

SOC 2 Type II - Annual audit of security controls
PCI DSS - Through our payment processor (Stripe)
GDPR - For users in the European Economic Area
CCPA - For California residents
FCRA - For consumer reports used in tenant screening

Incident Response

We maintain a comprehensive incident response program including:

24/7 security monitoring and alerting
Documented incident response procedures
Regular incident response drills
Communication plans for affected users
Post-incident review and improvement process

In the event of a security incident affecting your data, we will notify you in accordance with applicable laws and our notification policy.

Business Continuity

Automated backups with point-in-time recovery
Geographically distributed backup storage
Regular backup restoration testing
Documented disaster recovery procedures
99.9% uptime SLA

Security Tips for Users

Help keep your account secure:

Enable 2FA - Add an extra layer of protection to your account
Use a unique password - Don't reuse passwords from other services
Verify requests - We will never ask for your password via email or phone
Check URLs - Always verify you're on vardenhomes.com before entering credentials
Report suspicious activity - Contact us immediately if something seems wrong

Responsible Disclosure

We value the security research community. If you discover a security vulnerability, please report it responsibly:

Security Team

Email: security@vardenhomes.com

PGP Key: Available on request

Please allow us reasonable time to address vulnerabilities before public disclosure.

Contact Us

For security questions or concerns:

Varden Homes Security

Email: security@vardenhomes.com

For urgent issues: 1-800-555-0123 (select security option)

Last updated: January 24, 2026

Security

How we protect your properties, payments, and personal information.

SOC 2 Type II

Compliant

PCI DSS

Level 1

Data Encryption

AES-256

Uptime

99.9% SLA

Our Security Commitment

Data Encryption

In Transit

At Rest

All stored data is encrypted using AES-256 encryption. This includes:

Database contents
File uploads and documents
Backups and archives
Logs and audit trails

Sensitive Data

Particularly sensitive information receives additional protection:

Social Security Numbers are encrypted with dedicated keys and access-controlled
Bank account details are tokenized through Stripe and never stored on our servers
Passwords are hashed using bcrypt with appropriate cost factors

Payment Security

Payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. This means:

Credit card numbers never touch our servers
Bank account information is tokenized and secured by Stripe
All payment pages are served over secure connections
Stripe monitors transactions for fraud 24/7

We implement additional fraud prevention measures including:

Velocity checks on payment attempts
Identity verification for new accounts receiving payouts
Automated monitoring for suspicious activity
Bank account ownership verification

Access Control

User Authentication

Strong password requirements (minimum 12 characters)
Two-factor authentication (2FA) available for all accounts
2FA required for accounts with payout access
Session timeout after inactivity
Secure session management with rotating tokens

Employee Access

Principle of least privilege for all employee access
Role-based access control (RBAC)
All access logged and audited
Background checks for employees with data access
Regular access reviews and revocation

Infrastructure Security

Cloud Infrastructure

Varden Homes is hosted on enterprise-grade cloud infrastructure with:

SOC 2 Type II certified data centers
Geographic redundancy across multiple availability zones
Automated failover and disaster recovery
24/7 infrastructure monitoring
Regular penetration testing and vulnerability assessments

Network Security

Web Application Firewall (WAF) protection
DDoS mitigation
Intrusion detection and prevention systems
Network segmentation and isolation
Regular security scanning

Application Security

Secure development lifecycle (SDLC) practices
Code review requirements for all changes
Automated security scanning in CI/CD pipeline
Regular third-party security assessments
Dependency vulnerability monitoring
OWASP Top 10 protections

Compliance

Varden Homes maintains compliance with relevant security and privacy standards:

SOC 2 Type II - Annual audit of security controls
PCI DSS - Through our payment processor (Stripe)
GDPR - For users in the European Economic Area
CCPA - For California residents
FCRA - For consumer reports used in tenant screening

Incident Response

We maintain a comprehensive incident response program including:

24/7 security monitoring and alerting
Documented incident response procedures
Regular incident response drills
Communication plans for affected users
Post-incident review and improvement process

In the event of a security incident affecting your data, we will notify you in accordance with applicable laws and our notification policy.

Business Continuity

Automated backups with point-in-time recovery
Geographically distributed backup storage
Regular backup restoration testing
Documented disaster recovery procedures
99.9% uptime SLA

Security Tips for Users

Help keep your account secure:

Enable 2FA - Add an extra layer of protection to your account
Use a unique password - Don't reuse passwords from other services
Verify requests - We will never ask for your password via email or phone
Check URLs - Always verify you're on vardenhomes.com before entering credentials
Report suspicious activity - Contact us immediately if something seems wrong

Responsible Disclosure

We value the security research community. If you discover a security vulnerability, please report it responsibly:

Security Team

Email: security@vardenhomes.com

PGP Key: Available on request

Please allow us reasonable time to address vulnerabilities before public disclosure.

Contact Us

For security questions or concerns:

Varden Homes Security

Email: security@vardenhomes.com

For urgent issues: 1-800-555-0123 (select security option)