Secured by design

We put a lot of effort into ensuring your data is safe, it’s your data after all, not ours...

Security graphic

ISO/IEC 27001 certified

The Aluma public cloud service, all Aluma software and all our company activities are certified as compliant with ISO/IEC 27001:2013. Our certificate and security whitepaper are available on request.

Hourglass graphic

Limited data

Aluma is designed to have as little of your data as possible for the shortest time possible. Documents are only passed to the service while they are actively being processed, usually only for a few seconds, and are then immediately deleted.

Privacy graphic

Data never stored on disk

We strictly limit the number of your documents that can be within the service at any time. During processing, document files are stored securely and only in memory, never to disk.

Physically secure

Aluma is hosted in Google Cloud Platform data centres. These offer state-of-the-art physical and logical security for the servers and related infrastructure that comprise the operating environment for the Aluma service.

All the data centres we use are secured and monitored 24/7, and physical access is strictly limited to select Google staff with multiple biometric controls.

Further security

Here are some of the extra steps we take to ensure your data is secure.

Cube icon

Aluma takes all necessary precautions to ensure that every layer involved in data transfer is secured by best-of-breed technologies. All data in transit to and from the service is encrypted using SSL, so you can securely upload documents and download results.

Cube icon

Network access to the Aluma platform from the internet is highly restricted. Services and data stores are protected from unauthorized external access using private virtual networks, firewalls and other measures. The platform is monitored and protected by Google's advanced intrusion and protection systems.

Cube icon

All requests to the service are authenticated using industry-standard OAuth2 and OpenID Connect technologies that ensure that your account is secure.

Cube icon

Access to systems within the production environment is limited to those engineers with a specific business need with approval of the CTO.

Cube icon

Every microservice within the platform runs inside a Docker container. We use Docker to avoid erroneous instance-configuration changes, upgrades, and corruption that are common sources of security breaches.

Cube icon

The Aluma platform is regularly subjected to thorough penetration tests by our CREST-certified expert penetration testing partners. We are happy to share their latest report detailing their findings with you.

Ready to get started?

Get in touch or request a free trial.
X

Product enquiry

If you want to contact us about one of our products then use the form below.