Security Beyond Acronyms

/ SOC2 and Then Some

For us, security goes beyond acronyms (though we have those too). Archive Intel is built from the ground up to protect your data.

Our Security Posture

SOC 2 Type II Compliant

Archive Intel has completed a SOC 2 Type II certification.

Achieving SOC 2 compliance means that we have implemented procedures, policies and controls necessary to meet AICPA’s trust services criteria for security, availability, and confidentiality and that our processes and controls have been tested and validated to ensure that they are operating effectively.

Obtain a copy of the report by reaching out on our contact form.

 

Our Infrastructure and Policies

– We use Amazon Web Services to host our platform

– All data is encrypted in transit and at rest

– All data is backed up regularly and encrypted at rest

We apply the following security best practices:

– All changes to our infrastructure, permissions, and code happen via code reviews

– We grant the least amount of privileges to IAM roles, systems, and engineers to perform their duties

– Administrator privileges are only used in the case of serious incidents. For routine maintenance tasks we provision IAM roles with fine-grained permissions.

– We carefully evaluate 3rd party vendors before using them and regularly review them and the data they can access.

Vulnerability Disclosure Program

At Archive Intel, maintaining the trust and confidence of our customers is our top priority. We are deeply committed to safeguarding our systems and protecting the information entrusted to us. As part of our proactive cybersecurity program, we invite skilled security researchers worldwide to help us identify and address any potential security vulnerabilities that may exist within our systems.

Our Vulnerability Disclosure Program (VDP) provides a structured, secure, and collaborative framework for researchers to submit vulnerability findings. By participating in this program, researchers play a valuable role in strengthening our cybersecurity defenses beyond our internal monitoring and controls.

How can you report a vulnerability?

If you believe you have discovered a security vulnerability in one of our assets, we encourage you to notify us through our Vulnerability Disclosure Program at the following link: https://www.federacy.com/archive-intel-inc?tab=Intro

Questions On Security

If you or your team have specific questions about how our platform is built, our processes or how we store and handle data please get in touch. We are very happy to answer any questions you have.

Security Information

We periodically post security and relevant data here. If you have any questions on any of these documents, please get in touch with our team.

Data Processing Addendum, Posted November 27, 2024