{"id":4066,"date":"2025-10-21T09:08:26","date_gmt":"2025-10-21T09:08:26","guid":{"rendered":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/?page_id=4066"},"modified":"2025-10-22T09:03:16","modified_gmt":"2025-10-22T09:03:16","slug":"security-statement","status":"publish","type":"page","link":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/","title":{"rendered":"Security Statement"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-page\" data-elementor-id=\"4066\" class=\"elementor elementor-4066\" data-elementor-post-type=\"page\">\n\t\t\t\t<div class=\"elementor-element elementor-element-cae1d43 e-con-full e-flex e-con e-parent\" data-id=\"cae1d43\" data-element_type=\"container\" data-settings=\"{&quot;background_background&quot;:&quot;classic&quot;}\">\n\t\t<div class=\"elementor-element elementor-element-513e18f e-flex e-con-boxed e-con e-child\" data-id=\"513e18f\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-dac9748 elementor-widget__width-initial elementor-widget elementor-widget-heading\" data-id=\"dac9748\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h1 class=\"elementor-heading-title elementor-size-default\">Security Statement<\/h1>\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-07c2552 content-item e-flex e-con-boxed e-con e-parent\" data-id=\"07c2552\" data-element_type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-cb0e84e elementor-widget elementor-widget-text-editor\" data-id=\"cb0e84e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>cove uses Amazon Web Services (AWS) to host our application and data as they are the industry gold standard for security and reliability. In addition, we have also gone through an AWS Security Audit which tested for network and data vulnerabilities and implemented infrastructure improvements based on the findings. Also, we have the following best practices in place (the \u201cCustomer Responsibility\u201d according to AWS) to keep our user&#8217;s data secure:<\/p><ul class=\"arrow-img\"><li style=\"padding-bottom: 10px;\">Data is hosted behind a firewall and accessed directly by the server, not via a public URL.<\/li><li style=\"padding-bottom: 10px;\">All connections to and from the server encrypted with HTTPS.<\/li><li style=\"padding-bottom: 10px;\">Any cove employee accessing the data must use two-factor authentication (2FA) and use HTTPS\/SSL.<\/li><li style=\"padding-bottom: 10px;\">Database backups stored under the same encryption<\/li><li style=\"padding-bottom: 10px;\">Users can only access the data belonging to their firm<\/li><li style=\"padding-bottom: 10px;\">Users are required to verify their email address and all passwords are encrypted.<\/li><li style=\"padding-bottom: 10px;\">Best practices such as Cross Site Scripting and Request Forgery prevention and SQL injection prevention are in place to prevent unauthorized access to the application\/data.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-247fb13 elementor-widget elementor-widget-text-editor\" data-id=\"247fb13\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>The cove team has signed an NDA that covers user data. Each company in our platform has their data encrypted and siloed and there is no sharing of data between companies.<\/p><p>Even when we use machine learning on a cost optimization, we are only strictly analyzing options within that specific project, and we do not reference other projects even from the same firm. This is due to the fact that many of our customers are also government contractors in the US, Canada, and UK. For specific national security requirements, we can verify where the data on a project is stored to comply with any audits.<\/p><p>For government projects where location information cannot be shared, a user can put the project address as the closest airport to further anonymize it. They will need to upload any context buildings to the shading device layer. The project name can be set to a code name for an extra layer of anonymization.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-04e362a elementor-widget elementor-widget-heading\" data-id=\"04e362a\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Accessing cove<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0694ca4 elementor-widget elementor-widget-text-editor\" data-id=\"0694ca4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>Users have two options for logging into cove: using their username\/password or logging in using single sign-on (SSO) with their Microsoft credentials.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-27ad134 elementor-widget elementor-widget-heading\" data-id=\"27ad134\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Using Plug-ins with SSO<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-45e7e23 elementor-widget elementor-widget-text-editor\" data-id=\"45e7e23\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>For users who use SSO for authentication, the process for using the plugins is as follows:<\/p><ul class=\"arrow-img\"><li style=\"padding-bottom: 10px;\">Log into cove using SSO (as detailed below)<\/li><li style=\"padding-bottom: 10px;\">Navigate to the user profile page (click &#8220;Hi username&#8221; in the top right corner and then select &#8220;Your Profile&#8221;)<\/li><li style=\"padding-bottom: 10px;\">Scroll down to the bottom and copy the token in the &#8220;Plugin Authorization Token&#8221; field<\/li><li style=\"padding-bottom: 10px;\">In the plugin, when logging into cove, paste the token copied from the above step into the password field and use the email address associated with the SSO account as the email address.<\/li><li style=\"padding-bottom: 10px;\">Note that this token is only valid while logged into the application, and it changes each time a user logs into or out of the application for maximum security.<\/li><\/ul>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-cfcc3ab elementor-widget elementor-widget-heading\" data-id=\"cfcc3ab\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Prerequisites<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-732ee75 elementor-widget elementor-widget-text-editor\" data-id=\"732ee75\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>Before using SSO to log into cove, the user&#8217;s business must already have an account registered with cove. This is typically achieved by an administrator (usually the person responsible for managing the plan or an IT administrator) registering an account with cove (note that it is not necessary for all users on a plan to register an account with cove prior to using SSO; only one initial account is necessary). The domain in the email address (located after the @ symbol) must match the domain associated with the Microsoft credentials that will be used for SSO.<\/p><p>Note that users who have been using cove prior to the introduction of SSO should be able to use their Microsoft credentials to log in without further configuration (as long as the domain restriction mentioned above is satisfied).<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-afef3c3 elementor-widget elementor-widget-heading\" data-id=\"afef3c3\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">Logging In<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-0e7ceb1 elementor-widget elementor-widget-heading\" data-id=\"0e7ceb1\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t\t<h4 class=\"elementor-heading-title elementor-size-default\">If you have questions about this Privacy Notice or would like to contact us about it, you may do so via the following avenues:<\/h4>\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-9932ec7 elementor-widget elementor-widget-text-editor\" data-id=\"9932ec7\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t\t\t\t\t\t<p>To log in using SSO, navigate to the login page and click the &#8220;Sign in with Microsoft&#8221; button.<\/p><p>After clicking the &#8220;Sign in with Microsoft&#8221; button, users will be redirected to Microsoft to enter their credentials or will be prompted to select an account if they are already logged in to their Microsoft account. Note that these credentials are not shared with cove; they are sent only to Microsoft.<\/p><p>Depending on how users&#8217; Microsoft accounts are configured, they may be presented with a screen requesting permissions (see attached image below). These are the permissions necessary for us to authenticate the user. After clicking &#8220;Accept&#8221;, if the user is allowed to access the application, they will then be logged in and directed to their Project Dashboard or to fill out their profile (if they are a new user). For more information, visit\u00a0<a class=\"link-hover\" href=\"https:\/\/help.covetool.com\/en\/articles\/5409352-using-azure-active-directory-single-sign-on-sso\" target=\"_blank\" rel=\"noopener noreferrer\">https:\/\/help.covetool.com\/en\/articles\/5409352-using-azure-active-directory-single-sign-on-sso<\/a>.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Security Statement cove uses Amazon Web Services (AWS) to host our application and data as they are the industry gold standard for security and reliability. In addition, we have also gone through an AWS Security Audit which tested for network and data vulnerabilities and implemented infrastructure improvements based on the findings. Also, we have the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":false,"footnotes":""},"class_list":["post-4066","page","type-page","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.1.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>cove Security Statement<\/title>\n<meta name=\"description\" content=\"cove leverages AWS for secure, reliable hosting and has undergone an AWS Security Audit to enhance infrastructure. We follow best practices to safeguard user data.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"cove Security Statement\" \/>\n<meta property=\"og:description\" content=\"cove leverages AWS for secure, reliable hosting and has undergone an AWS Security Audit to enhance infrastructure. We follow best practices to safeguard user data.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/\" \/>\n<meta property=\"og:site_name\" content=\"COVE\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-22T09:03:16+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-content\/uploads\/2025\/10\/Z31F9pbqstJ99If__metaimageforcove-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"650\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/\",\"url\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/\",\"name\":\"cove Security Statement\",\"isPartOf\":{\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#website\"},\"datePublished\":\"2025-10-21T09:08:26+00:00\",\"dateModified\":\"2025-10-22T09:03:16+00:00\",\"description\":\"cove leverages AWS for secure, reliable hosting and has undergone an AWS Security Audit to enhance infrastructure. We follow best practices to safeguard user data.\",\"breadcrumb\":{\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Statement\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#website\",\"url\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/\",\"name\":\"COVE\",\"description\":\"My WordPress Blog\",\"publisher\":{\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#organization\",\"name\":\"COVE\",\"url\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-content\/uploads\/2025\/10\/logo.png\",\"contentUrl\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-content\/uploads\/2025\/10\/logo.png\",\"width\":384,\"height\":110,\"caption\":\"COVE\"},\"image\":{\"@id\":\"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"cove Security Statement","description":"cove leverages AWS for secure, reliable hosting and has undergone an AWS Security Audit to enhance infrastructure. We follow best practices to safeguard user data.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"cove Security Statement","og_description":"cove leverages AWS for secure, reliable hosting and has undergone an AWS Security Audit to enhance infrastructure. We follow best practices to safeguard user data.","og_url":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/","og_site_name":"COVE","article_modified_time":"2025-10-22T09:03:16+00:00","og_image":[{"width":1200,"height":650,"url":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-content\/uploads\/2025\/10\/Z31F9pbqstJ99If__metaimageforcove-1.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/","url":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/","name":"cove Security Statement","isPartOf":{"@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#website"},"datePublished":"2025-10-21T09:08:26+00:00","dateModified":"2025-10-22T09:03:16+00:00","description":"cove leverages AWS for secure, reliable hosting and has undergone an AWS Security Audit to enhance infrastructure. We follow best practices to safeguard user data.","breadcrumb":{"@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/security-statement\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/"},{"@type":"ListItem","position":2,"name":"Security Statement"}]},{"@type":"WebSite","@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#website","url":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/","name":"COVE","description":"My WordPress Blog","publisher":{"@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#organization","name":"COVE","url":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#\/schema\/logo\/image\/","url":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-content\/uploads\/2025\/10\/logo.png","contentUrl":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-content\/uploads\/2025\/10\/logo.png","width":384,"height":110,"caption":"COVE"},"image":{"@id":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-json\/wp\/v2\/pages\/4066","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-json\/wp\/v2\/comments?post=4066"}],"version-history":[{"count":32,"href":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-json\/wp\/v2\/pages\/4066\/revisions"}],"predecessor-version":[{"id":4843,"href":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-json\/wp\/v2\/pages\/4066\/revisions\/4843"}],"wp:attachment":[{"href":"https:\/\/fm-connect1.fortmindz.in\/wp-cove\/wp-json\/wp\/v2\/media?parent=4066"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}