Security & Compliance | Verikai

—————

Data Encryption

All data is transmitted via encryption-in-transit using HTTPS (TLS 1.3), and is securely stored with encryption-at-rest using AES-256 or higher standards.

—————

Least Privileges and Audit Logging

To ensure secure data access, we follow a least privileges model as standard practice, where only a few select people have access to your data, and only when needed to support you. Additionally, data access is logged and monitored.

—————

Mobile Device Management (MDM)

All computers issued to Verikai employees come with encrypted storage as well as MDM software that allows the IT department to monitor, manage, update, and secure the devices and the data contained on them, including the ability to remotely wipe a machine in the event of a device getting lost or stolen.

—————

Penetration Testing

To test for any potential vulnerabilities on our end, Verikai undergoes regular penetration testing by a third party.

—————

Physical Security

As a cloud-native service, Verikai does not have data centers. Physical security to our servers and to your data is managed by AWS security certifications.

—————

ISO 27001 Compliance

AWS data centers used for processing your data are also certified for compliance with the ISO 27001 standard.

—————

SOC 2 Compliance

Verikai has achieved SOC 2 Type I certification, which verifies the design of our security processes is in alignment with trust service principles of data – availability, confidentiality, processing integrity, privacy, and security – to the standards defined by the American Institute of Certified Public Accountants (AICPA).

—————

Contact Us

Have a security question or want to report an incident confidentially? Drop us a line at security@verikai.com.

—————