Security at Diminish

Your trust means everything to us, which is why we place such a high importance on security. We've crafted our products, processes, and systems with your safety and the protection of your data in mind.

Data Security at Diminish

Security Features

Customer Savings

We keep data secure in transit and at rest. In transit, data is only accessible via TLS/SSL, and at rest, data is encrypted with AES256.

Data security

Our people and systems can only access the data they need to do their job and we store your data with cloud providers who have top-tier physical security controls.

Highly available

We use a global CDN to prevent network attacks and keep Diminish highly available.

Monitored and resilient

Our threat detection, logging, and alerting systems notify our on-call teams about potential incidents.

Secure development practice

We peer review and test our code prior to release, including manual and automated checks for security issues.

Staged releases

We only release software after qualifying it in development and staging environments.

In-app permissions

Users can be assigned different roles to administrator or manage SaaS spending and view reports.

Diminish and the EU General Data Protection Regulation (GDPR)

Diminish is committed to helping our users understand the rights and obligations under the General Data Protection Regulation (GDPR)

We have introduced tools and processes to ensure we comply with GDPR requirements.

To learn more about our GDPR compliance, please read our

Privacy Policy
Logos for SOC, GDPR, and CCPA

Frequently Asked Questions

How often do you conduct security assessments?

Diminish employs specialist external services and tools to conduct multiple different types of security assessments.

How do you store my Data?

We also run weekly vulnerability scans against our production environments, and engage external penetration testers to conduct multiple penetration tests throughout the year.