We take every precaution to ensure that the confidential information you trust with AlphaSense is absolutely secure. Your data is protected with end-to-end encryption in storage and transit, and safeguarded by state-of-the-art security protocols.

AlphaSense has been certified SOC 2 (Type 2) compliant and meets with the standards set forth for user security. We undertake a carefully designed series of steps to securely handle your data end-to-end, including storage, transmission, networks, systems and procedures.

SOC-2

Lock

Data Security in Storage
  • Client content is automatically encrypted using Advanced Encryption Standard (AES) 256, a secure symmetric-key encryption standard, using 256-bit encryption keys
  • Database, search engine and system drives that store user data are directly encrypted
  • Data is stored with scrambled names mapped to user provided names through a second secure mapping layer
  • Upon request clients may manage and hold their own encryption keys
Data Security in Transit & User Authentication
  • All data is encrypted end-to-end in transit
  • End user communication to AlphaSense servers is done via HTTPS secure web protocol and behind a user-authenticated login process
  • All user requests are authenticated using one-way encryption against a secure database, and by named servers with specific access keys

Lock

Lock

Network Security
  • AlphaSense servers are hosted behind a firewall with ingress and egress ports turned off, and limited to a single HTTPS access on the server catering to user requests
  • Subsystems are further isolated to Virtual Private Clouds without Internet access, which limits access to only specific named servers within the firewall, and via secure one-way encryption keys
Data Center & Administrator Access
  • AlphaSense partners with Amazon Web Services, a world-class, secure data center provider, and utilizes its state-of-the-art electronic surveillance and multi-factor access control systems
  • Data centers are staffed 24/7 by trained security technicians, subject to strict background checks, and access is authorized strictly on a privileged basis
  • Access to servers is protected by multi-factor authentication (MFA) protocols, and user access control is managed by Identity Access Management tools, via secure communication sessions over SSL/TLS

vault

Lock

Monitoring & Penetration Testing
  • The entire AlphaSense system is constantly monitored and any access in or out is logged for anomaly detection
  • Web service uptime at the server level is continuously monitored for any unexpected incidents or high usage suggestive of denial of service attacks
  • The AlphaSense system is regularly audited and tested for penetration and vulnerability by third party security specialists