Security

A comprehensive approach to security

AlphaSense is committed to securely handling data end-to-end, including storage, transmission, networks, systems, and procedures.

AICPA and SOC logo.
For Users

Our secure and resilient platform protects your organization’s confidential information.

We offer the most valuable financial content, top-rated customer service, and expert AI knowledge, the AlphaSense platform is used by thousands globally.

 

our security b5b39d12

Your data is protected with end-to-end encryption in storage and in transit

  • End user communication to AlphaSense servers is done via HTTPS secure web protocol and behind a user-authenticated login process
  • All user requests are authenticated using one-way encryption against a secure database, and by named servers with specific access keys
  • Client content is automatically encrypted using Advanced Encryption Standard (AES) 256, a secure symmetric-key encryption standard, using 256-bit encryption keys
  • Database, search engine and system drives that store user data are directly encrypted
  • Data is stored with scrambled names mapped to user provided names through a second secure mapping layer

 

AWS Logo

We partner with Amazon for best-in-class cloud security

  • Amazon Web Services is a world-class data center provider offering the most secure and hardened infrastructure
  • Amazon Web Services’ state-of-the-art electronic surveillance and multi-factor access control systems add another layer of protection for users’ data
  • Amazon’s data centers are staffed 24/7 by trained security technicians, subject to strict background checks, and access is authorized strictly on a privileged basis
  • Access to servers is protected by multi-factor authentication (MFA) protocols, and user access control is managed by Identity Access Management tools, via secure communication sessions over SSL/TLS

 

Safe User Info Icon

800+ clients in heavily regulated industries trust us with their confidential information

  • Thousands of users access our secure and resilient platform every day
  • Security-conscious clients in the public and private sector choose AlphaSense
  • AlphaSense does not harvest user inputs to leverage or sell them to third parties
  • Personal data, including email and username, are protected in accordance with GDPR regulations

 

FOR INFORMATION SECURITY PROFESSIONALS & CISO

Our policies, procedures, compliance, and training all serve our mission to protect the security of our customers’ data.

 

Global Security Icon

AlphaSense cannot access users’ personal information

  • The AlphaSense platform accesses extremely limited user information, such as a user’s business email address and name
  • The platform cannot access users’ private information, such as telephone number, birthdate, address, social security number, etc.

 

Protected Data Icon

Our procedures comply with global security standards

  • We are certified SOC 2 compliant, which ensures our ability to protect our clients’ security
  • Our daily backup policy guarantees data can be restored if lost
  • Our emergency protocol ensures preparedness and continuous protection in case of unforeseen events
  • We constantly assess, evaluate and manage information technology risk
  • Our team’s rigorous training on information security procedures mitigates risk

 

firewall encryption 24c700de

The AlphaSense network is secured with firewalls and encryption

  • AlphaSense servers are hosted behind a firewall with ingress and egress ports turned off, and are limited to a single HTTPS access on the server catering to user requests
  • Subsystems are further isolated to Virtual Private Clouds without Internet access, which limits access to only specific named servers within the firewall, and via secure one-way encryption keys

 

audits e432b95e

Frequent tests and audits maintain our safety standards over time

  • The entire AlphaSense system is constantly monitored and any access in or out is logged for anomaly detection
  • Web service uptime at the server level is continuously monitored for any unexpected incidents or high usage suggestive of denial of service attacks
  • The AlphaSense system is regularly audited and tested for penetration and vulnerability by third party security specialists

 

AlphaSense Vulnerability Disclosure Policy