Alooma is a data in motion company helping companies across private and public sectors to drive mission-critical business processes. That’s why we’ve taken a security first approach that combines best-of-breed technology, a highly trained and experienced staff, adherence to the strictest standards in the industry and the flexibility to meet diverse customer requirements.
Alooma leverages multiple layers of defense to ensure all data is protected from unauthorized access and tampering. Alooma runs in Amazon Web Services’s highly secure data centers. The Alooma service runs inside a Virtual Private Cloud, with individual hosts protected by firewalls configured with the most stringent rules. All communication with the Alooma service is protected at the network level using industrial-strength, secure protocols. A secured architecture, internal best practices, third-party certifications and audits are all important components of our security program. We are SOC 2 Type II and HIPAA compliant.
When it comes to handling the data of our customers, we make no compromises. Even though Alooma is not a storage company, all of our customers' data is always encrypted. When it comes to sensitive data, like access credentials, we even encrypt it on two different levels. Our access policies are the strictest possible, separating our various environments and the permissions allocated to each. When troubleshooting is required, and access is inevitable, we allocate temporary access credentials. Periodically, we review our audit logs and various policies, and make sure they adhere to the highest standards.
If you are experiencing any potential security issues, please report them to us at firstname.lastname@example.org.