Security at ISO

Your data’s accuracy, integrity, and confidentiality are at the core of our mission. We’ve implemented robust measures to safeguard your information, including state-of-the-art encryption techniques, stringent access controls, and comprehensive security protocols. All these are continuously updated and audited to ensure your experience with us is seamless and uncompromisingly secure.

Keeping Your Data Safe

Compliance & Third-Party Audits

ISO conducts annual third-party penetration tests on our software and infrastructure, promptly addressing any findings. Additionally, we have obtained SOC2 Type 2 Certification to assure our customers that we have implemented robust security controls to safeguard their data’s confidentiality.

Secure Cloud Infrastructure

ISO utilizes the robust set of security features offered by AWS, including network isolation and encryption to protect against data breaches and unauthorized access. We ensure all changes are tracked and that no unauthorized modifications are made to our application or cloud infrastructure.

Strong Data Encryption

We prioritize the security of our customers’ data by employing industry-standard encryption algorithms for data at rest and in transit, regularly rotating encryption keys securely stored to minimize risk, and conducting ongoing monitoring to identify vulnerabilities or weaknesses in our encryption process.


Security Certifications

AICPA SOC2 type 1 certification

SOC2 Type 2

ISO has SOC2 Type 2 certification.  The SOC2 certification demonstrates our commitment to having robust security controls, processes, and procedures in place to safeguard your data.  Reach out to our team to request a full copy.

High Uptime and Availability

Continuous Monitoring
For immediate detection and response to security threats, we continuously scan our systems and network traffic using automated vulnerability scanners and an intrusion detection system.
Log Aggregation
We utilize industry-leading log aggregation and application performance monitoring tools.
Always On-Call
All alerts are sent directly to our 24/7/365 on-call team to ensure any issues are triaged and fixed right away.

Secure Software Development Lifecycle

Prioritized Training

All team members receive regular security training and prioritize security in all decision-making processes.

Rigorous Code Review

Our code review process is rigorous to ensure our team has vetted all changes to our code and infrastructure.

Thorough Testing

Testing processes include automated and manual security testing to identify any vulnerabilities before deployment.

Quality Checks

Our CI/CD pipeline ensures that no code gets shipped to production without passing a robust suite of code quality checks.

Have Questions?
Contact us to learn more about security at ISO.