Sign up with Google
Sign up with Microsoft
Sign up with Google
Sign up with Microsoft
Sign up with Google
Sign up with Microsoft
Get 15 rooms for FREE when you sign up for Aligned. Exclusive for House of Aligned and SaaStr week only 4-8 September 2023
(it's completely free)
At Aligned, we are incredibly excited to share the news of our recent achievement: SOC 2 Type II compliance. This milestone reaffirms our unwavering commitment to upholding the highest standards of data security for our esteemed customers. By obtaining this accreditation, in line with the stringent American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations (also known as SSAE 18), we solidify our position as a trusted provider of enterprise-level secured solutions.
The attainment of SOC 2 Type II compliance is a significant milestone for us, as it serves as an independent validation of our dedication to safeguarding customer data within our Aligned system. We underwent a rigorous audit conducted by Prescient Assurance, a globally recognized leader in security and compliance attestation for B2B and SaaS companies. Their expertise in risk management and assurance allowed for a comprehensive evaluation of our security practices, policies, procedures, and operations.
At Aligned, protecting the security and privacy of our customers’ data has always been at the forefront of everything we do. We have implemented robust security measures across various aspects of our operations, ensuring the utmost protection for your valuable information:
Secured Personnel
We leave no stone unturned when it comes to vetting our personnel. Every contractor and employee undergoes stringent background checks in compliance with local laws and industry best practices. Furthermore, we require all individuals with access to sensitive or internal information to sign confidentiality or non-disclosure agreements (NDAs). As part of our commitment to fostering a culture of security, we conduct regular employee security training and testing to stay abreast of emerging techniques and attack vectors.
Secured Development
At Aligned, we follow secure development lifecycle principles for all our projects, including on-premises software products, support services, and our innovative Digital Identity Cloud offerings. We prioritize incorporating security requirements during the design phase of new products, tools, and services. To ensure we stay ahead of evolving security challenges, our team members regularly undergo secure development training in coding or scripting languages they work with, along with relevant training in other areas. Additionally, we adhere to the OWASP Top 10 recommendations for web application security, mitigating common vulnerabilities.
Secured Testing
Comprehensive testing is of paramount importance to us as we strive to identify and address potential vulnerabilities. We conduct regular third-party penetration testing and vulnerability scanning of all our production and internet-facing systems. By engaging both internal security engineers and external penetration testing companies, we ensure a thorough evaluation of our products, systems, and services. Moreover, as part of our development process, all code, including open-source libraries, undergoes static and dynamic software application security testing.
Cloud Security
Our cloud-based platform has been meticulously designed with maximum security in mind. Leveraging the native physical and network security features provided by our esteemed cloud service partners, we rely on their expertise in maintaining infrastructure, services, and physical access policies. We have implemented a patented isolation approach to guarantee the complete separation of each customer’s cloud environment within dedicated trust zones, preventing any accidental or malicious co-mingling. Furthermore, we employ data encryption at rest and in transmission, along with continuous monitoring by highly trained experts and robust role-based access controls, to safeguard customer and company data.
Our commitment to providing secure products and services is further reinforced by external certifications. Our latest accomplishment, SOC 2 Type II compliance, validates that our information security practices align with the stringent SOC 2 standards for security.
We are thrilled to have reached this important milestone, and we remain steadfast in our commitment to protecting your data in an ever-evolving digital landscape. Regular assessments and validation of our protections and effective security practices ensure that you can confidently entrust your valuable data to our platform.
For more information about our SOC 2 compliance and our unwavering commitment to data security, please reach out to us at [email protected].
