To download the full whitepaper, click here.
Aumni maintains a strong commitment to security foundations and certifications, such as SOC 2 Type II. We ensure that our systems meet industry standards for managing customer data in terms of data availability, processing integrity, confidentiality, and privacy. Compliance is an excellent foundation for any security program, but Aumni strives to be much more than compliant.
We firmly believe that security is a shared responsibility across the organization. Our best practices include but are not limited to:
- Access control
- Role-based security training for engineers
- General security awareness training for all employees
- Vulnerability management
- Asset management
- Incident response
- Business continuity and disaster recovery
- Logging and monitoring
- Vendor security
- Policy and security governance
- Data confidentiality and loss prevention
- Secure software life cycle management
- Risk assessment and mitigation
While many service providers consider security to be the responsibility of engineering alone, at Aumni, we maintain a cultural recognition of security’s centrality to our business. Aumni Information Security has full executive buy-in from the top-down. Divisional leaders meet regularly with our information security personnel to strategize and plan how their decisions can better facilitate security as well as foster a security-conscious culture.
At Aumni, we believe that protecting customer data is not a problem to be handled by the security team alone, and our approach springs from that belief. While rare in our industry, security’s prominent role in the boardroom is in large part why Aumni can maintain a best-in-class security program.