Security

Home

Security

Security Overview

At Alliansis, your data’s security is of primary importance. Here’s how we ensure it:

Infrastructure

Our platform is hosted on Microsoft Azure, a leading SOC 2 Type II-certified cloud platform, providing enterprise-grade network protections, physical security, and built-in encryption.

All data at rest is encrypted, safeguarding its integrity and confidentiality. Web traffic is protected by an enterprise-grade web application firewall (WAF) and distributed denial-of-service (DDoS) mitigation service.

Application Security

We adhere to OWASP guidelines, a recognized standard in web application security.

All code changes require peer review and automated security checks before deployment to production. We conduct regular penetration testing to assess and strengthen our platform’s defenses.

Our codebase is continuously monitored by automated dependency scanning and secret detection tools to identify vulnerabilities in our code and third-party libraries.

Access Controls

Customer authentication is managed through a dedicated identity management platform with support for multi-factor authentication (MFA) and single sign-on (SSO).

Internal access to our infrastructure requires multi-factor authentication and is managed through a centralized identity provider with role-based access controls (RBAC). Access is granted on a least-privilege basis, ensuring only authorized personnel can reach sensitive resources.

Data Protection

All data transmitted to and from our platform is encrypted using TLS 1.2 or higher, ensuring secure passage at every step.

All data at rest is encrypted using AES-256 or equivalent standards, including database encryption and storage encryption.

We do not store payment card data. Payments are processed securely by Stripe and managed by Chargebee.

Effective: January 1st, 2026

Monitoring & Incident Response

We continuously monitor our platform using a dedicated monitoring and alerting platform, complemented by cloud-native monitoring and alerting. This provides real-time visibility into system health and security events.

We maintain a documented incident response plan. Should any security concern arise, we are immediately alerted and ready with a responsive action plan. If a security incident affects your data, we will notify you promptly.

Business Continuity

We maintain automated backups of all customer data with defined recovery procedures.

Our infrastructure is designed for high availability and we maintain a business continuity plan to minimize service disruption in the event of an incident.

Vendor Management

We assess the security practices of our service providers before engagement and monitor them on an ongoing basis.

Our key infrastructure and security providers maintain independent SOC 2 attestations. We require data processing agreements with all providers who handle customer data.

Compliance & Continuous Improvement

Alliansis holds SOC 2 Type 1 attestation, independently assessed across the Security, Confidentiality, and Availability trust service criteria.

We regularly review and update our security practices in response to evolving threats and industry standards.

If you have any questions about our security measures, please contact us at [email protected].

This page describes our current security practices, which may be updated from time to time. It does not constitute a warranty or contractual commitment beyond those stated in our Terms of Use.