Security

Mastt leverages the power of Microsoft Azure to deliver secure, reliable, and scalable access to Mastt through your preferred web browser. We utilize firewalls, intrusion detection systems, and network segmentation to defend against external threats.

Data storage is region-specific to meet data sovereignty requirements:

• For customers in the Americas, data is stored in Microsoft Azure data centers located in the United States.
• For Australian and all other customers, data is stored in Microsoft Azure data centers located in Australia.

Explore the Microsoft Datacenters worldwide here. This approach ensures that customer data remains accessible, protected, and optimized for performance across all regions.

Account security is a top priority at Mastt, and we implement best practice measures to safeguard user access and sensitive information. Our access controls ensure that only authorized personnel can view or manage critical data, including:

• Single Sign-On (SSO): Simplify access management by enabling users to log in with a single set of credentials across multiple applications.
• Multi-Factor Authentication (MFA): Add an extra layer of security by requiring multiple forms of verification to access accounts.
• Integration with Leading Identity Providers: Mastt supports seamless integration with enterprise-grade identity platforms like Okta and Microsoft Azure Entra ID / Active Directory (AAD) for secure and efficient user authentication.

Additionally, our flexible role-based permissions allow users to be assigned different roles including administrators, managers, designers, or content viewers, ensuring secure and streamlined access based on their responsibilities.

Mastt implements robust measures to minimize downtime and maintain seamless platform availability, consistently achieving an average uptime of over 99.95% since the platform’s launch. Our systems are continuously monitored to detect and respond to potential threats in real-time.

To safeguard customer data, Mastt performs secure, automated backups every 24 hours, ensuring data integrity and availability in the event of any disruption.

In the unlikely event of an incident, Mastt follows structured and proactive Incident Response steps in accordance with our Information Security Management System (ISMS). This process includes immediate investigation, containment, remediation, and thorough post-incident analysis to prevent recurrence.

Our goal is to minimize disruption, protect customer data, and maintain the integrity and availability of the Mastt platform.

At Mastt, we prioritize the security of your data by implementing industry-standard encryption protocols to protect information both in transit and at rest. Additionally, we conduct regular security audits to proactively identify and mitigate potential risks, ensuring a safe and reliable experience for our users.

Mastt connections are secured using HTTPs protected by Transport Layer Security (TLS 1.2+). The data in transit is encrypted using the AES256 standard, the secure hash algorithm (SHA-2) for message authentication and RSA as the encryption key exchange mechanism.

Mastt prioritizes the security and resilience of its platform through regular penetration testing, conducted in collaboration with our trusted partner, NCC Group, a global leader in cybersecurity. These tests simulate real-world attack scenarios to identify and address potential vulnerabilities, ensuring our defenses remain robust against evolving threats. NCC Group's expertise, combined with Mastt's proactive security practices, provides our customers with confidence that their data is protected by industry-leading standards and continuously assessed for potential risks.

Customers and can contact us here for the latest penetration testing report.

Mastt regularly releases software updates that introduce new features, enhancements, and performance improvements, with all clients receiving updates simultaneously.  

We only release software after qualifying our application in development and staging environments thoroughly, and each release follows strict release protocols. With each major release, Mastt provides detailed release notes and insights into new features, along with previews of upcoming enhancements to our customers.

Mastt leverages the security and privacy advantages of Amazon Bedrock, a managed AI service designed for enterprise-grade protection. This allows us to deliver AI-powered features confidently while ensuring your data is protected by rigorous safeguards and sovereign cloud controls.AI services are region-specific to meet data residency and compliance requirements:

• For customers in Australia, all AI features are hosted within AWS data centers located in Australia. Your prompts and results do not leave the country, ensuring full compliance with Australian data sovereignty standards.
  
• For customers in the Americas and all other customers, AI usage is handled similarly based on resource availability.
  

We follow strict privacy practices across all regions:

• Prompts and responses are not stored or logged.
  
• Your data is not used to train any AI models — by Mastt or by AWS.
  
• No data is exposed outside of Mastt’s private and secure cloud environment.
  

Explore the official AWS Bedrock documentation on data protection here. This ensures AI capabilities at Mastt remain both powerful and secure—by design.