Security is in our DNA
Akitra Inc. is a cybersecurity and compliance automation company that makes security and customer trust our top priorities.
Akitra uses enterprise-grade security and regular audits to ensure that our customers are always protected. We undergo regular penetration testing and security reviews and have been certified by independent auditors under both the SOC 2 Type 2 (attestation achieved with no exceptions) and ISO 27001 frameworks. We are also GDPR compliant and committed to maintaining the high standard of privacy that GDPR mandates.
Data is encrypted in transit with TLS 1.2. Data is encrypted at rest with AES.
Akitra is hosted on AWS cloud infrastructure and is backed by AWS’ security measures.
Akitra is in full compliance with GDPR and has support for data deletion. To request data removal, please contact us at firstname.lastname@example.org.
Security Awareness Training
All our team members periodically go through employee security awareness training covering industry best practices for information security.
Independent third-party penetration, threat, and vulnerability testing is regularly carried out. In addition, our security team checks systems and internal / third-party services for vulnerabilities and applies patches promptly.
Akitra’s user management is based on role-based account access. All access to our production infrastructure requires multi-factor authentication, and is restricted to authorized personnel only. Customer data access is limited to employees on a strictly as-needed basis.
An independent third-party penetration test is regularly performed to ensure that the security posture of our services is uncompromised.
Our organization undergoes independent third-party assessments to formally audit our security controls and practices.
Roles and Responsibilities
Roles and responsibilities related to our information security program and the protection of our customer’s data are well defined and documented.
Info Sec Program
Akitra has an information security program in place that is communicated throughout the organization following the standards and criteria as set forth by the AICPA SOC 2 and ISO 27001 frameworks.