Regulatory
Our products, services, and operations adhere strictly to international standards and regulations.
Keeping Your Data Safe
You trust us with sensitive information about your business and we appreciate how important it is to look after it properly. Here's how we make sure your information is used and seen only by the people who need to see it.
1. Best Practices
We follow information security best practices, and use third-party services to confirm what we are doing is effective.
A. SOC 2 Type I
Akuuk has obtained the AICPA's SOC for Service Organizations, SOC 2 Type I. We were audited by Panoramic Synergy Enterprise. Our SOC 2 Type I report can be requested by emailing security@akuuk.com.
B. Security Suite
Akuuk uses a comprehensive security suite to protect its users. This suite includes antivirus, firewall, WAF, patch management, and domain reputation tools. All of these tools are easy to use and have advanced automation features.
C. Monitoring Tools
We use Vanta and Munin to continuously monitor our production and corporate infrastructure.
D. Hosting Providers
We host our platforms on IBM Cloud and Namecheap and uses accredited features and services.
E. Penetration Testing
Our platforms, products and services are tested through external penetration tests performed by third-party security companies on a weekly and monthly intervals.
F. SSL/TLS A Rating
All of Akuuk applications is TLS/SSL-only and scores an A+ rating on Qualys SSL Labs Test.
G. CSA Star Program Member
We have completed the Cloud Security Alliance (CSA) Consensus Assessment Initiative Questionnaire (CAIQ).
2. Security Features
A. Technical Security Controls
- Access control lists (ACL), intrusion detection and prevention (IDS/IPS), and web application firewalls (WAF).
- Managed employee devices (MDM, Anti-malware).
- Data anonymization.
- Encryption (at rest and in transit).
- Logical access control (granular privileges), and multi-factor authentication (MFA).
- Logging and monitoring.
- Vulnerability management program.
B. Organizational Security Controls
- Information security policies.
- Personnel awareness and training.
- Business resilience planning (disaster recovery and business continuity).
- Data processing agreements (DPA).
- External penetration testing.
- Secure development lifecycle (SDLC).
- Third-party vendor risk management.
Any Questions?
If you have any questions about the above or anything else about security at Akuuk, we would be happy to answer them. Contact our IT Security department at security@akuuk.com.