Compliance

Overview

Termius follows industry-standard security practices to protect customer data and support organizational compliance requirements. The whole product is built around encrypted vaults that enable secure sync and sharing of information. Termius requires no setup on-premises. Termius mobile and desktop apps connect directly to the infrastructure. Termius also keeps a local copy of the data for offline mode. The local data is also encrypted.

SOC 2 Type II

Termius is SOC 2 Type II compliant. This certification verifies that Termius maintains effective controls for security, availability, and confidentiality over time.

The SOC 2 Type II audit evaluates how our systems and processes operate across an extended period and confirms that appropriate safeguards are in place to protect customer data.

To get access to the compliance documentation, visit Termius Trust Center.

Security practices

To support compliance and data protection, Termius implements:

• End-to-end encryption for credentials, keys, and vault data

• Secure infrastructure and access controls

• Audit logging for team activity

• Access management

• Two-factor authentication (2FA) and SAML SSO

These measures help organizations securely manage infrastructure access while meeting internal security and compliance requirements.