We’re serious about security.

We’re serious about security.

We understand that the confidentiality, integrity, and availability of your data is vital. Over 10,000 companies trust us to keep their information safe.

security hero
security best practices
Secure culture

Organizational best practices and standards

Organizational best practices and standards

We ensure secure operations and a culture of security awareness through:

  • Mandatory background checks, security training, and education for all team members
  • Regulatory compliance standards for service providers and partners
  • Clear separation of duties to reduce human error and manage risk
Secure operations

A coordinated approach to accreditation and assessment

A coordinated approach to accreditation and assessment

As the security landscape continues to evolve, you can expect us to stay ahead of the threats. Our approach includes:
  • A dedicated Security and Compliance team
  • 24x7x365 continuous live monitoring and reporting
  • Proactive risk assessments and coordinated response to threats

 

aicpa logo        iso logo        csa logo

Our products meet global compliance requirements including:
  • SSAE 118 and ISAE 3402
  • ISO 27001 :2013
  • General Data Protection Regulation (GDPR)
  • Cloud Security Alliance (CSA)
  • California Consumer Privacy Act (CCPA)
  • Federal Information Security Modernization Act (FISMA)
  • Family Education Rights and Privacy Act
security protection
Secure environment

Protection against physical intrusion

Protection against physical intrusion

We partner with cloud infrastructure providers like Amazon Web Services (AWS), Microsoft Azure, and others, who provide:

  •  State-of-the-art data centers housed in nondescript facilities
  • Video surveillance, intrusion detection systems, and other electronic monitoring and perimeter control
  • Regularly audited physical access logs
  • Commercially reasonable efforts to provide a global average up-time of at least 99.99%*

 

*See Amazon’s Compute Service Level Agreement for more information.

Secure product development

A fully fortified development lifecycle

A fully fortified development lifecycle

Security procedures are built into every stage of our product development efforts, including:

  • Automated source code scans of new or modified code
  • Standardized, manually run quality assurance testing
  • Segmented application servers that accept only legitimate programming requests
  • Third-party security assessments prior to every release
security lifecycle
security defense in depth
Secure infrastructure

A defense-in-depth strategy to enable SaaS

A defense-in-depth strategy to enable SaaS

Our cloud-based infrastructure provides high resiliency, scalability, and true multi-tenant service, protected by several layers of network-based security controls, including:

  • Host-based firewalls
  • Intrusion detection systems
  • Load balancers
  • Virtual firewall

Questions? Reach out.

Contact us