Security

Synota holds itself to a high standard of security.  Synota takes compliance seriously and understands it significance to both customers and partners.  For this reason, Synota is AICPA SOC 2, Type II certified.  Please reach out to security@synota.io for a copy of the report.

Cloud Security
Synona leverages AWS for hosting Synota Services and stores customer data in segmented AWS cloud servers, accessible only by the customer.  Learn more about AWS security compliance.

Vendor Security
Synota minimizes risks associated with third-party vendors by performing security reviews on all vendors with any level of access to our systems or data.

Network Security
Synota performs extensive network security scanning and testing, in addition to annual third-party penetration testing.  Access to Synota’s network is restricted on an explicit need-to-know basis.  Synota’s services are monitored 24/7 and systems are configured to detect and generate alerts for any anomalous activity.

Encryption
All communication with Synota’s UI and APIs are encrypted.  All data is encrypted in AWS.

Availabiltiy & Continuity
Synota has built a robust technical environment, making every effort to remove single points of failure, allow for disaster recovery activities, and replicate services.  Synota maintains system status information on its website.

Application Security
Testing and staging environments are logically separated from the Production environment.  Synota does not store sensitive customer data within the application.

Human Resources
All employees attend security awareness training.  The Synota team meets regularly to discuss security best practices and to review policies.  Synota performs a background check on all new employees.  Anyone working for or with Synota is required to agree to non-disclosure and confidentiality terms.