Security at ISO
Your data’s accuracy, integrity, and confidentiality are at the core of our mission. We’ve implemented robust measures to safeguard your information, including state-of-the-art encryption techniques, stringent access controls, and comprehensive security protocols. All these are continuously updated and audited to ensure your experience with us is seamless and uncompromisingly secure.
Keeping Your Data Safe
Compliance & Third-Party Audits
ISO conducts annual third-party penetration tests on our software and infrastructure, promptly addressing any findings. Additionally, we have obtained SOC2 Type 1 Certification to assure our customers that we have implemented robust security controls to safeguard their data’s confidentiality.
Secure Cloud Infrastructure
ISO utilizes the robust set of security features offered by AWS, including network isolation and encryption to protect against data breaches and unauthorized access. We ensure all changes are tracked and that no unauthorized modifications are made to our application or cloud infrastructure.
Strong Data Encryption
We prioritize the security of our customers’ data by employing industry-standard encryption algorithms for data at rest and in transit, regularly rotating encryption keys securely stored to minimize risk, and conducting ongoing monitoring to identify vulnerabilities or weaknesses in our encryption process.
SOC2 Type 1
ISO has SOC2 Type 1 certification and is currently undergoing our SOC2 Type 2 monitoring audit. The SOC2 certification demonstrates our commitment to having robust security controls, processes, and procedures in place to safeguard your data. Reach out to our team to request a full copy.
Secure Software Development Lifecycle
All team members receive regular security training and prioritize security in all decision-making processes.
Rigorous Code Review
Our code review process is rigorous to ensure our team has vetted all changes to our code and infrastructure.
Testing processes include automated and manual security testing to identify any vulnerabilities before deployment.
Our CI/CD pipeline ensures that no code gets shipped to production without passing a robust suite of code quality checks.