Information security, confidentiality, availability, processing integrity and privacy are vital to the business operations of our customers. SaaS providers have taken extraordinary measures to address these concerns and Numerify is no different. Numerify’s security architecture and practices incorporate learnings and insights from best-in-class SaaS providers. Numerify is committed to maintaining a safe and secure platform for our customers, business partners, and the broader Internet community. Numerify has developed an in-house information security and compliance function that complements the controls that our IaaS provider, Amazon Web Services, provides. Numerify security policies and practices are designed to adhere to the SOC2 standards for service provider
All Numerify customers are separated from the rest of AWS customers by being within a Numerify Virtual Private Cloud (VPC). Within the Numerify VPC customers may share servers and compute nodes with other Numerify tenants. Their data is never comingled with other customers by virtue of the fact that they always get private databases and private partitions in S3 buckets. Numerify relies on HTTPS with SSL encryption. Since we don’t support use of HTTP for external interactions, all such web traffic is encrypted.
In addition to infrastructure and software security, there are other key aspects to securing a SaaS application that are operational in nature and deal with people, policies and physical assets. Access to the Numerify production environment is under strict control & limited to need-to-know. Numerify has strong policies and enforcement in place for Human Resources, Information Access, Security Incidents and Emergency Response. With the successful completion of a SOC 2 Type II audit and certification, customers are reassured that Numerify complies with the highest standards in the SaaS world.
• Service Organization Control (SOC) 2 Report under SSAE 16 • Certified under US-EU Safe Harbor Framework