A comprehensive approach to security

Our secure and resilient platform protects your organization’s confidential information.

We offer the most valuable financial content, top-rated customer service, and expert AI knowledge, the AlphaSense platform is used by thousands globally.

 

Your data is protected with end-to-end encryption in storage and in transit

• End user communication to AlphaSense servers is done via HTTPS secure web protocol and behind a user-authenticated login process
• All user requests are authenticated using one-way encryption against a secure database, and by named servers with specific access keys
• Client content is automatically encrypted using Advanced Encryption Standard (AES) 256, a secure symmetric-key encryption standard, using 256-bit encryption keys
• Database, search engine and system drives that store user data are directly encrypted
• Data is stored with scrambled names mapped to user provided names through a second secure mapping layer

 

We partner with Amazon for best-in-class cloud security

• Amazon Web Services is a world-class data center provider offering the most secure and hardened infrastructure
• Amazon Web Services’ state-of-the-art electronic surveillance and multi-factor access control systems add another layer of protection for users’ data
• Amazon’s data centers are staffed 24/7 by trained security technicians, subject to strict background checks, and access is authorized strictly on a privileged basis
• Access to servers is protected by multi-factor authentication (MFA) protocols, and user access control is managed by Identity Access Management tools, via secure communication sessions over SSL/TLS

 

800+ clients in heavily regulated industries trust us with their confidential information

• Thousands of users access our secure and resilient platform every day
• Security-conscious clients in the public and private sector choose AlphaSense

 

FOR INFORMATION SECURITY PROFESSIONALS & CISO

Our policies, procedures, compliance, and training all serve our mission to protect the security of our customers’ data.

 

AlphaSense cannot access users’ personal information

• The AlphaSense platform accesses extremely limited user information, such as a user’s business email address and name
• The platform cannot access users’ private information, such as telephone number, birthdate, address, social security number, etc.

 

Our procedures comply with global security standards

• We are certified SOC 2 compliant, which ensures our ability to protect our clients’ security
• Our daily backup policy guarantees data can be restored if lost
• Our emergency protocol ensures preparedness and continuous protection in case of unforeseen events
• We constantly assess, evaluate and manage information technology risk
• Our team’s rigorous training on information security procedures mitigates risk

 

The AlphaSense network is secured with firewalls and encryption

• AlphaSense servers are hosted behind a firewall with ingress and egress ports turned off, and are limited to a single HTTPS access on the server catering to user requests
• Subsystems are further isolated to Virtual Private Clouds without Internet access, which limits access to only specific named servers within the firewall, and via secure one-way encryption keys

 

Frequent tests and audits maintain our safety standards over time

• The entire AlphaSense system is constantly monitored and any access in or out is logged for anomaly detection
• Web service uptime at the server level is continuously monitored for any unexpected incidents or high usage suggestive of denial of service attacks
• The AlphaSense system is regularly audited and tested for penetration and vulnerability by third party security specialists

 

AlphaSense Vulnerability Disclosure Policy