Your content is your competitive advantage, so mPro Digital uses robust security and encryption and ZERO Retention Policies to protect your data and preserve complete confidentiality.
01
Laravel implements CSRF protection automatically for forms, which helps prevent unauthorized requests.
02
Using a query builder that employs parameter binding significantly reduces the risk of SQL injection, ensuring that user inputs are properly escaped.
03
Laravel features a robust authentication system that simplifies handling user authentication while securely hashing passwords using the bcrypt algorithm.
04
The framework utilizes OpenSSL to encrypt sensitive data, enhancing overall security.
05
Integrated bcrypt password hashing provides a strong defense against password cracking attempts.
06
Middleware allows developers to define access control for routes, restricting access to authorized users only.
Our Commitment to Your Data Security
At mPro Digital Edge, we understand that you’re trusting us with sensitive property data, resident information, and confidential business operations. Security isn’t an afterthought—it’s built into everything we do.
Built on Microsoft Azure Enterprise Infrastructure
mPro Digital Edge is hosted on Microsoft Azure, the cloud platform trusted by 95% of Fortune 500 companies. We leverage Azure’s enterprise-grade security infrastructure, including:
Military-grade encryption for all data at rest and in transit (AES-256, TLS 1.2+)
Multi-factor authentication is required for all administrative access
24/7 threat detection powered by Microsoft Defender for Cloud
Automated backups with 7-day retention and point-in-time recovery
Azure Application Gateway with Web Application Firewall (WAF)
Azure DDoS Protection Standard on all public endpoints
Azure NAT Gateway for secure outbound connectivity
Private endpoints ensure that databases are not internet-accessible
Geo-redundant infrastructure in West US 2 region
Azure-Native Security Protection
Every component of mPro Digital Edge leverages Azure’s integrated security services:
Azure Application Gateway WAF – Blocks OWASP Top 10 vulnerabilities and common web attacks
Azure DDoS Protection Standard – Protects against volumetric and protocol attacks
Azure NAT Gateway – Secure, scalable outbound internet connectivity
Network Security Groups (NSGs) – Firewall rules controlling all network traffic
Azure Key Vault – Hardware-secured storage for all secrets and encryption keys
Microsoft Defender for Cloud – Continuous security posture assessment and threat detection
Current Compliance Status
We are actively pursuing SOC 2 Type II certification (expected completion: Q2 2025).
Our platform is designed and built from day one to meet SOC 2 requirements, including:
Comprehensive audit logging (365-day retention)
Quarterly access reviews and least-privilege access controls
Incident response procedures and disaster recovery planning
Regular security training for all team members
Third-party penetration testing (scheduled quarterly)
Continuous security monitoring via Microsoft Defender for Cloud
Vendor risk management (all AI providers are SOC 2 certified)
Current compliance frameworks implemented:
Azure Security Benchmark
NIST Cybersecurity Framework
OWASP Top 10 Web Application Security
Fair Housing Act AI compliance requirements
Your Data is Protected
Data Encryption:
All data encrypted at rest using AES-256 encryption
All data encrypted in transit using TLS 1.2 or higher
Encryption keys managed in Azure Key Vault with hardware security modules
Key Vault audit logging tracks all secret access
Access Controls:
Role-based access control (RBAC) – users only see what they need
Multi-factor authentication required for all admin accounts
Just-in-time privileged access management
All access logged and monitored in Log Analytics (365-day retention)
Network Security:
Private endpoints for databases (not accessible from internet)
Azure Application Gateway WAF blocking malicious traffic
Azure DDoS Protection Standard with automatic mitigation
Network Security Groups (NSGs) controlling all traffic flows
Azure NAT Gateway for secure outbound connectivity
Data Privacy:
Your data is YOUR data – we never sell or share customer data
Data residency in US-based Azure data centers (West US 2)
GDPR and CCPA privacy controls built-in
Clear data retention and deletion policies
Regular Security Testing
We don’t just set up security and forget about it. Our platform undergoes:
Continuous monitoring – 24/7 automated threat detection via Microsoft Defender
Weekly vulnerability scans – automated security assessments
Quarterly penetration testing – independent security experts attempt to break in
Monthly backup restore tests – ensuring we can recover your data if needed
Annual third-party security audits – independent verification of our controls
AI Provider Security
All AI providers integrated into mPro Digital Edge maintain enterprise security:
OpenAI – SOC 2 Type II certified
Anthropic (Claude) – SOC 2 Type II certified
Google (Gemini) – ISO 27001, SOC 2, SOC 3 certified
HeyGen – SOC 2 Type II certified
Synthesia – SOC 2 Type II certified
ElevenLabs – SOC 2 Type II certified
Your prompts and data are NOT used to train AI models – we’ve negotiated data processing agreements with all providers ensuring zero-retention policies.
Incident Response
In the unlikely event of a security incident:
Questions About Security?
We’re happy to discuss our security architecture in detail:
Security documentation available for enterprise customers
Architecture diagrams and data flow documentation
Completed security questionnaires (CAIQ, SIG, VSA)
Direct access to our technical team for security discussions
Contact us: info@mprodigitaledge.com
Last updated: November 2025
Our commitments give you ownership and control over your business data (inputs and outputs from ChatGPT Team, ChatGPT Enterprise, ChatGPT Edu, Claude, Gemini, and our API Platform) and support your compliance needs.
Security Policy - mPro Digital Edge Platform
The mPro Digital Edge Platform provides enterprise-grade security designed specifically for multifamily property management companies. Unlike consumer AI tools that create shadow IT risks, our platform delivers comprehensive security controls that meet the stringent requirements of property management portfolios handling sensitive resident data, financial information, and proprietary business intelligence.
Security Team Email: security@mprodigitaledge.com
Response Time: Within 24 hours for critical vulnerabilities
Escalation: For urgent security matters requiring immediate attention, contact our CTO directly
We appreciate security researchers who help us maintain the highest security standards. When reporting vulnerabilities:
API Security
Data Protection
Infrastructure Security
Our commitment to achieving SOC 2 Type I certification demonstrates our dedication to enterprise security standards. This certification validates our controls for:
Fair Housing Act Compliance
Property Management Data Standards
Enterprise Administration
Audit and Monitoring
Data Minimization
Geographic Considerations
All integrated AI providers undergo security assessment:
Provider-Specific Controls:
Code Security
Laravel Framework Security
Upon Azure migration:
Monthly reporting includes:
We provide comprehensive security guidance for:
Available to enterprise clients:
For security-related questions or concerns not covered in this document, enterprise clients can contact their designated Customer Success Manager or reach our security team directly at security@mprodigitaledge.com.
This security policy is reviewed quarterly and updated as needed to reflect evolving security requirements and industry best practices specific to multifamily property management operations.
Last Updated: November 2025
By default, we do not use your business data to train our models. However, if you have explicitly opted in to share your data with us (for example, through our opt-in feedback system to improve our services), we may use the shared data to train our models.
As between you and our AI platforms: you retain all rights to the inputs you provide to our services and you own any output you rightfully receive from our services to the extent permitted by law. We only receive rights in input and output necessary to provide you with our services, comply with applicable law, and enforce our policies.
Yes, we are able to execute a Data Processing Addendum (DPA) with customers for that use of ChatGPT Team, ChatGPT Enterprise, ChatGPT Edu, and the API in support of their compliance with GDPR and other privacy laws. Please complete our DPA form to execute a DPA with OpenAI.
Sign Up with Your Business Email
We accept corporate email addresses only. Free email providers (such as Gmail, Yahoo, Outlook.com) are prohibited.
Why business emails only?
- Ensures authentic business identity verification
- Protects sensitive property and resident data
- Maintains professional industry standards
- Prevents unauthorized access to confidential multifamily data
Options to get started:
- Sign in with your business email
- Connect with LinkedIn
Need an exception? Submit a request through our business verification form.
Your security matters: Business email requirements help us maintain a trusted network of verified multifamily professionals while protecting sensitive property information and resident data from potential misuse.
We do not accept Gmail, Outlook.com, Yahoo Mail, Zoho Mail, AOL Mail, iCloud Mail, or Yandex, Mailfence, Neo Mail, Apple, GMX, Mail.com, Proton Mail, Tutanota, Mailfence, Neo, and Yandex. Mail, Titan, Fastmail, Minute Mail, Tuta and Hushmail.
Sign in with Linkedin or register with our support department by completing this form.
