Security is baked into everything we do; from our DevSecOps through to business ops and physical security. We encrypt your data at rest in transit and provide SSO, enforced MFA and IP-based ACLs to protect it. Your data is stored in your own country. Our team all hold BPSS security vetting, as a minimum. We perform regular pentests, and run continuous vulnerability scanning against our infrastructure, code and dependencies.
Our platforms are built on best-in-class technologies, and are designed to be highly-available and fast. We use load balancing with automatic failover, geo-redundancy and monitor thousands of metrics every second to look for warning signs of issues. We have a defined and regularly tested disaster recovery plan.
Protecting your data, and that of your employees, is our highest priority. It is, after all, why we founded CultureAI in the first place. We do everything in our power to ensure we protect it from unauthorised access, and are compliant with regulation such as GDPR.
Our clients' often have strict compliance requirements, against which we have yet to record a single failure. We hold ISO 9001, 14001 and 27001, alongside Cyber Essentials Plus. We're happy to allow our enterprise clients to conduct independent audits / pentests, and our policy is to go to any length to support your internal compliance process.
CultureAI actively maintain a range of industry-standard security accreditations.