Last updated - May 7th, 2024

Security Policy, an approach to security

We believe that protecting your confidential information is essential in delivering high quality insights to help drive
your business forward.
Certifications
We are serious about maintaining the confidentiality and security of our clients' files. Industry standards like SOC 2 Type 2 and ISO 27001 serve as the foundation for our privacy and security program. You can trust in our enterprise-grade security to provide insights for your entire workforce.
ISO/IEC 27001:2022 Certified
Photon Insights has achieved the ISO/IEC 27001:2022 certification, an internationally recognized standard for information security management systems (ISMS). This certification demonstrates our commitment to implementing, maintaining, and continually improving robust security practices in line with global standards.
ISO
SOC 2 Type II Certified
Photon Insights is SOC 2 Type II certified, which underscores our adherence to high standards for security, availability, processing integrity, confidentiality, and privacy of customer data. This type of certification not only confirms that we have designed suitable controls but also that these controls have been tested over time for effectiveness.
ISO
Security at Photon
At Photon Insights, we take your data security seriously. We believe that protecting your confidential information is essential in delivering high-quality insights to help drive your business forward. Here are the key features of our security policy:
ISOUser Data Protection
  • At Photon Insights, we strictly limit access to user data, and only access user data on a need-to-know basis.
  • Our employees and contractors are regularly trained on data security policies, and we maintain strict procedures to ensure that all user data is kept confidential.
  • We have implemented strict procedures to ensure that user data is not compromised or stolen, and we perform regular audits and tests to ensure that our system remains secure.
ISOSecure Data Storage and Transmission
  • All client communications with Photon servers are protected by end-to-end encryption (HTTPS) and authenticated through a multi-factor login process.
  • Data is encrypted using Advanced Encryption Standard (AES) 256, with encryption keys only accessible to authorized personnel.
  • Data stored in databases, caches, and servers is directly encrypted and protected.
ISORobust Access Control Mechanisms
  • All access to our systems requires multi-factor authentication (MFA) using a secure and validated identity provider.
  • Access to systems and data is limited to only authorized personnel through role-based access control.
  • User access to data is further controlled through a permissions model that restricts access to only the necessary data required for their role.
ISOCloud Security and Resilience
  • We rely on Amazon Web Services (AWS), an industry standard datacenter provider, to provide reliable and hardened infrastructure that ensures the security of our platform and your data.
  • We leverage AWS tools to ensure a highly resilient and fault-tolerant architecture, with built-in redundancies to eliminate any single point of failure.
  • We have a comprehensive disaster recovery plan that is tested and updated regularly to ensure quick and efficient recovery in case of any unforeseen events or disasters.
  • Our web application is secured using Cloudflare, which provides web application firewall (WAF) and distributed denial of service (DDoS) protection.
ISOContinuous Monitoring and Analysis
  • We continuously monitor access to our systems and applications to detect and respond to unauthorized access attempts.
  • We maintain detailed audit logs of all access attempts and system activity for analysis and forensic purposes.
  • We conduct regular vulnerability assessments and penetration testing to identify and remediate potential security issues.
Got Questions?
Learn more about our security and privacy policies. Can't seem to find the solution you need? Please contact
[email protected]