VanguardVanguard

Security

Our commitment to keeping your data safe

Our Security Commitment

At Vanguard, security is foundational to everything we build. We understand that incident and emergency data requires careful handling, and we're committed to implementing industry best practices to safeguard your information while providing the transparency your community needs.

Security Features

Encryption
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
Secure Infrastructure
Hosted on enterprise-grade cloud infrastructure with automatic security updates and monitoring.
Tenant Isolation
Complete logical separation between organizations ensures your data stays private.
Audit Logging
Comprehensive logging of system access and changes for accountability and compliance.
Regular Assessments
Ongoing security reviews and updates to address emerging threats.
Role-Based Access
Granular permissions ensure users only access what they need.

Public Data Controls

Vanguard gives organizations full control over what data is shared publicly:

Public Status Page
Optional feature that must be explicitly enabled. When disabled, all incident data remains private to authenticated users.
Social Media Controls
Fine-grained rules for auto-posting including call type filters, minimum unit thresholds, and medical call exclusion.
Medical Privacy
Medical incidents display generalized addresses only (street name, no house numbers) to protect individual privacy.

Data Protection

We implement multiple layers of protection:

  • End-to-end encryption for all data transmission
  • Encrypted storage for all persisted data
  • Secure authentication powered by Clerk with MFA support
  • Session management with automatic timeout
  • Rate limiting to prevent abuse
  • Input validation and sanitization

Data Sources

Vanguard aggregates data from trusted public sources:

  • PulsePoint: Real-time emergency incident data already available to the public
  • National Weather Service: Official weather alerts and warnings

We do not create or modify incident data. All information displayed originates from these authoritative sources and is already publicly accessible through their platforms.

Third-Party Integrations

We carefully vet all third-party services we integrate with. Our infrastructure partners include:

  • Convex: Real-time database with built-in security
  • Vercel: Secure hosting with edge network protection
  • Clerk: Enterprise-grade authentication
  • Stripe: PCI-compliant payment processing

Compliance

Our infrastructure and practices align with industry security standards. We regularly review and update our security measures to maintain compliance with best practices and emerging requirements.

Reporting Security Issues

If you discover a security vulnerability, please report it responsibly to support@vanguardalerts.com. We take all reports seriously and will respond promptly to investigate and address any confirmed vulnerabilities.