Security at norabooks

Your financial data is sensitive. We treat it that way.

All data encrypted in transit (TLS 1.2+) and at rest (AES-256). Your invoices, receipts, and financial data are never stored in plain text.

All business data is stored on AWS infrastructure. We use encryption, access controls, and audit logging across all services.

Secure authentication via Amazon Cognito with support for email/password and Google SSO. Sessions expire automatically.

Multi-tenant architecture with strict data isolation. Your data is partitioned at the database level. No other user or tenant can access it.

We follow privacy best practices. You have full control over your data, including the right to access, correct, and delete.

We conduct regular security assessments, dependency audits, and infrastructure reviews. Vulnerabilities are patched promptly.

Found a security vulnerability? Please report it responsibly to security@getnora.ca. We take all reports seriously and will respond within 48 hours.