Security at Airflip
At Airflip, ensuring the security and integrity of our customers' data is our top priority. This dedication is reflected in every aspect of our operations, from development to deployment, and across all levels of our organization.
SOC 2 Type II Audit
Airflip has been externally verified as compliant with the SOC 2 Type II standard, and undergoes regular third-party audits to attest and certify our security, data privacy and compliance controls. Our most recent SOC 2 audit was conducted by Prescient Assurance, a leader in security and compliance for global B2B SaaS companies. After a comprehensive assessment, they gave us their best possible opinion.
We can provide supporting evidence and information about the controls we have in place. This can be requested via your account team.
Security Infrastructure
Role-Based Access Control (RBAC)
We implement a comprehensive RBAC system to ensure that access to sensitive information is strictly controlled and limited to authorized personnel. Our RBAC framework allows for granular management of permissions, ensuring users only have access to the data and functions necessary for their role.
SAML Single Sign-On (SSO)
Airflip supports SAML SSO, enabling secure and convenient access to our platform through your organization's identity provider. This feature not only simplifies the login process but also enhances security by centralizing authentication and identity management.
Role and Permission Management
Our platform provides detailed role and permission management tools, allowing administrators to finely tune access controls according to the specific needs of their organization. This ensures that every user has the appropriate level of access, minimizing potential security risks.
Secure Development and Operations
Secure Development Practice
Our development process adheres to secure coding practices, including regular reviews and adherence to the OWASP guidelines for web application security. This ensures that our software is robust against common security vulnerabilities.
Continuous Security Testing
We conduct continuous security testing, including vulnerability scans and dynamic application security testing (DAST), to identify and remediate potential security issues before they can affect our customers.
Data Encryption
All customer data, both at rest and in transit, is encrypted using industry-standard encryption protocols. This ensures the confidentiality and integrity of your data at all times.
Cloud Security
Our cloud-based infrastructure is designed with security in mind, leveraging the native security features of leading cloud service providers. We employ a multi-tenant architecture that ensures customer data is isolated and protected through dedicated encryption keys.
Corporate Governance
Secure Personnel
Every Airflip employee undergoes thorough background checks and security training, emphasizing the importance of data protection and privacy. We require all staff to sign NDAs and adhere to our strict internal security policies.
Incident Response
We have a documented incident response plan in place to quickly address and mitigate any security incidents, minimizing potential impact on our customers and their data.
System Status
Customers can monitor the operational status of Airflip services in real-time by visiting our system status page. This transparency ensures you are always informed of any issues affecting our platform.
Conclusion
Security is not just a feature at Airflip; it's a foundational element of our company culture. We are committed to maintaining the highest levels of security and compliance to protect our customers' data and ensure their trust in our platform. For any security concerns or inquiries, please do not hesitate to contact us.