All data at rest, including backups, is encrypted using AES-256 encryption and stored within the United States. Customer data is always stored securely for processing on the Aumni investment intelligence platform, and we use a mobile device management solution to ensure that each employee computer has full-disk encryption, anti-malware scanning, automatic software patching, and an always-on VPN.
To ensure that data cannot be leaked via system or product vulnerabilities and misconfigurations, even in encrypted form, Aumni maintains vulnerability and penetration tests conducted at an above industry-average frequency. When vulnerabilities are found, they are remediated in a timely manner. Additionally, we undertake continuous monitoring of systems, networks, and application events to identify trends, evolving threats, and anomalous conditions that pose a potential risk to Aumni or its customers.