Security & Compliances

It’s critical to us that your information is safe and secure. From development to hosting to monitoring, we’ve created multiple layers of security to keep your data secure and private.

Application level security features

MangoApps provides a wide-range of application level security to ensure your account is as secure as you want it to be. From data retention settings, to who and how users access your MangoApps account, you have control over how you want to secure your account & data.


  • Set minimum length and complexity of passwords
  • Auto session expiration
  • Automatic virus scan of documents
  • One way hash of passwords and PINS
  • Security alerts for unauthorized access
  • Custom admin roles
  • Disallow saving of username / passwords
  • Two factor authentication support
  • Set custom IP ranges to limit access
  • Disable and wipe out data from mobile and desktop devices
  • Require a PIN or FaceID to access MangoApps on mobile devices
  • Single sign-on support for nearly all options and vendors in use today (SAML, OAuth, Active Directory, DUO or even custom SSO)
  • Data loss prevention (DLP) policies*
  • Built-in eDiscovery features*
* Available in compliance cloud only

Platform level security

MangoApps is optimized to run on AWS and has been running in the AWS cloud for over 10 years.


  • Data in transit is 256 bit SSL encrypted
  • All stored data is AES encrypted
  • Fully automated configuration management
  • Data retention, system backup and disaster recovery process and policy
  • Detailed user and system access logs
  • Information access policy
  • Regularly scheduled encrypted backups for user data
  • Real time alerts for critical events (e.g., unauthorized modification of critical system files)
  • Periodic vulnerability scans (e.g. Qualys Guard)
  • Annual third party penetration tests

Cloud and process security

Our data protection is multi-level starting with our choice in data centers, data transport and encryption requirements, and hiring procedures. Our software architecture undergoes periodic vulnerability tests to protect against malicious attacks.


  • MangoApps is hosted on AWS. AWS is certified and compliant with HIPAA, HITRUST, SOC2, ISO27001, NIST and others*. Learn more about AWS compliance inheritance here.
  • Monthly OS patches
  • Regular security and systems audits
  • Automated, zero downtime, configuration and application upgrades
  • Long term Audit and system log backup
  • US-EU Safe-Harbor compliant
  • Optional single tenant (dedicated) deployment for even more control
*Please note that these are AWS system compliances that MangoApps inherits. Although our AWS systems are configured to follow the best practices prescribed within these compliances, we have not gone through these certifications ourselves. Please contact us for details on MangoApps certifications and assessments initiatives.

Need HIPAA or other compliances?

We have you covered. We offer a special, secure cloud option for your peace of mind with compliances such as HIPAA. MangoApps Compliance Cloud is available to customers in regulated industries like healthcare, finance, and government.