Security is a big concern for organizations looking to adopt the cloud. We continually implement robust technical and organizational security controls to ensure customer data is safe. Our global data protection program is founded on strict policies and procedures regarding access, use, disclosure, and transfer of customer data. 7.ai's proven approach ensures the highest security and integrity of customer data, and protects against security threats or data breaches.
The 7.ai platforms are built and deployed in Top Tier Co-Location data centers, where controls include but not limited to the following:
Physical and Environmental Security
- Two factor Authentication to enter the Data center area
- Fully redundant subsystems and compartmentalized security zones.
- Surveillance cameras monitoring critical locations
- Highly Available UPS and Diesel Generator Systems.
- Fire Detection and Suppression Systems
- Redundancy in HVAC
- Water Leakage Detectors, smoke detectorsWater Leakage Detectors, smoke detectors
Logical Access Controls
- Access to Production environment is restricted to authorized few through 2 factor Authentication.
- Network controls include network Firewalls, Application Firewalls, Intrusion Detection systems etc.
- All access to Production and activities in the production environment are logged extensively and monitored for anomalies on a periodic basis.
- The Platform products and services not only undergoes regular static code assessments and dynamic applications assessments by our dedicated internal security team of certified ethical hackers, but also undergoes third party penetration tests by reputable security firms.
- Both internal and external assessments include testing for OWASP vulnerabilities.
7.ai maintains compliance to various security and compliance standards. The specifics of 7.ai’s security program are detailed in its third-party certifications, security audits and attestations (reports are available under an NDA).
Attestations and Certifications
We understand data privacy regulations are very complex. It’s essential that a cloud provider understands how to appropriately protect the privacy of your personal data. At 7.ai, our comprehensive program for processing personal data aligns with the most current data privacy laws and compliance regulations. 7.ai has achieved the TRUSTe Data and Cloud Privacy certifications.
7.ai annually certifies to the U.S.-EU Safe Harbor privacy framework
- Annually undergoes a SOC 2 Type 2 attestation
- PCI DSS 3.2.1 Certification:
- Also offering customers a Data processing addendum (DPA)