Photon Insights
Security Policy, our approach to security
Last updated - 1st Nov, 2023
We believe that protecting your confidential information is essential in delivering high-quality insights to help drive your business forward.
ISO/IEC 27001:2022 Certified SOC 2 Type II Certified
Certifications
We are serious about maintaining the confidentiality and security of our clients' files. Industry standards like SOC 2 Type 2 and ISO 27001 serve as the foundation for our privacy and security programme. You can trust in our enterprise-grade security to provide insights for your entire workforce.
ISO/IEC 27001:2022 Certified
ISO/IEC 27001:2022 Certified
Photon Insights has achieved the ISO/IEC 27001:2022 certification, an internationally recognized standard for information security management systems (ISMS). This certification demonstrates our commitment to implementing, maintaining, and continually improving robust security practices in line with global standards.
ISO/IEC 27001:2022 Certified
SOC 2 Type II Certified
Photon Insights is SOC 2 Type II certified, which underscores our adherence to high standards for security, availability, processing integrity, confidentiality, and privacy of customer data. This type of certification not only confirms that we have designed suitable controls but also that these controls have been tested over time for effectiveness.
Security at Photon
At Photon Insights, we take your data security seriously. We believe that protecting your confidential information is essential in delivering high-quality insights to help drive your business forward. Here are the key features of our security policy:
User Data Protection
  • At Photon Insights, we strictly limit access to user data, and only access user data on a need-to-know basis.
  • Our employees and contractors are regularly trained on data security policies, and we maintain strict procedures to ensure that all user data is kept confidential.
  • We have implemented strict procedures to ensure that user data is not compromised or stolen, and we perform regular audits and tests to ensure that our system remains secure.
Secure Data Storage and Transmission
  • All client communications with Photon servers are protected by end-to-end encryption (HTTPS) and authenticated through a multi-factor login process.
  • Data is encrypted using Advanced Encryption Standard (AES) 256, with encryption keys only accessible to authorized personnel.
  • Data stored in databases, caches, and servers is directly encrypted and protected.
Robust Access Control Mechanisms
  • All access to our systems requires multi-factor authentication (MFA) using a secure and validated identity provider.
  • Access to systems and data is limited to only authorized personnel through role-based access control.
  • User access to data is further controlled through a permissions model that restricts access to only the necessary data required for their role.
Cloud Security and Resilience
  • We rely on Amazon Web Product (AWS), an industry standard datacenter provider, to provide reliable and hardened infrastructure that ensures the security of our platform and your data.
  • We leverage AWS tools to ensure a highly resilient and fault-tolerant architecture, with built-in redundancies to eliminate any single point of failure.
  • We have a comprehensive disaster recovery plan that is tested and updated regularly to ensure quick and efficient recovery in case of any unforeseen events or disasters.
  • Our web application is secured using Cloudflare, which provides web application firewall (WAF) and distributed denial of service (DDoS) protection.
Continuous Monitoring and Analysis
  • We continuously monitor access to our systems and applications to detect and respond to unauthorized access attempts.
  • We maintain detailed audit logs of all access attempts and system activity for analysis and forensic purposes.
  • We conduct regular vulnerability assessments and penetration testing to identify and remediate potential security issues.
FAQs
Learn more about our security and privacy policies. Can't seem to find the solution you need? Please contact [email protected]
What security certifications does Photon Insights have?

Photon Insights has achieved both SOC2 and ISO/IEC 27001 security certifications. SOC2 certification adheres to five trust service principles: security, availability, processing integrity, confidentiality, and privacy, ensuring a comprehensive security posture for the platform.

How is our data kept safe in Photon Insights' systems?

Photon Insights uses end-to-end encryption for data transmission, AES 256 for data encryption, and has implemented robust access control mechanisms. They also utilize Amazon Web Product (AWS) for secure data storage and Cloudflare for web application protection.

Where can I explore the Photon Insights security policies?

You can explore Photon Insights' security policies in detail on their dedicated security page, or get in touch at [email protected] for more details.

Who has access to our user data on Photon Insights?

Access to user data is strictly limited, and only given on a need-to-know basis. Photon Insights' employees and contractors go through rigorous training for handling data securely and confidentially.

How does Photon Insights ensure resilience against potential threats or disasters?

Photon Insights relies on AWS's fault-tolerant architecture to eliminate single points of failure. They also have a comprehensive disaster recovery plan, and they use Cloudflare to protect against web threats like DDoS attacks.

How frequently does Photon Insights monitor and assess its security measures?

Photon Insights continuously monitors access to its systems and applications. Additionally, regular vulnerability assessments and penetration testing are conducted to identify and address potential security issues.