Actify solutions manage not only our customers’ data, but also our customers’ customers’ data, so it is paramount that they have trust and confidence in our security posture.
Security & Privacy
Actify utilizes enterprise-grade best practices to protect customers’ data and works with independent experts to verify its security, privacy, and compliance controls.
Actify has received a SOC 2 Type 2 attestation report, which objectively certifies our controls to ensure the continuous security of our customers’ data. Actify also complies with GDPR protocols for the protection of customer information and privacy.
To support SOC 2 compliance, Actify uses an automation platform to continuously monitor 100+ security controls across the organization. Automated alerts and evidence collection allow the company to confidently prove its security and compliance posture any day of the year while fostering a security-first mindset and culture of compliance across the organization.
In addition, all employees complete an annual security training program and employ best practices when handling customer data.
Best practices include:
- We work with industry-leading security firms to perform annual network and application layer penetration tests,
- We utilize a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle,
- We encrypt data both in-transit using TLS and at rest,
- We use secure transport protocols such as HTTPS for all public internet traffic.
Our cloud-based solutions ensure segregation of tenant data through:
- Separate databases for each tenant, each using independent authentication credentials,
- Separate tenant-specific domain for each tenant to access services,
- Separate subnets for each tenant, using Network Security Group to ensure the appropriate level of network isolation,
- Separate file storage per customer.
Please report any suspected security vulnerability immediately to [email protected]
Actify does not sell, share, or trade any customer data. Your information and your company’s information is not for sale. Access to customer data is restricted to individuals who require that information to fulfill their job duties. Please visit our Privacy Policy page for more detailed information.