Security

Protecting your data with industry-leading practices

The security of your data is our top priority. We are SOC 2 certified and maintain industry-leading security and privacy practices. If you have any specific concerns beyond the scope of this page, please contact us at support@polinode.com.
‍
In addition to all of the information below, Polinode maintains a Trust Center that you may access to via the button below. Enterprise and Partner customers may request access to our annual 3rd party penetration test and other documents via the Trust Center.

Trust Center

Polinode security diagram including SOC 2 certification.

Compliance

Polinode is AICPA SOC 2 certified and our infrastructure is provided by Amazon Web Services, which is certified for compliance with ISO 27001, ISO 27017, ISO 27018, PCI DSS, as well as audited against the AICPA SOC 2 and AICPA SOC 3 standards. We are hosted in the AWS Ireland region, which typically makes compliance easier for our EU-based customers (or non-EU customers with EU employees). We may also be able to support you in other AWS regions on request.

Encryption

Encryption at-rest: all data is encrypted before it is written to disk using AES-256 bit encryption.
‍
HTTPS: all data you exchange with Polinode is transmitted over SSL/TLS. Data we collect from 3rd-party services on your behalf is also fetched over SSL/TLS. If you would like to learn more about how we connect to a specific data source, please contact us.

Security and penetration testing

Comprehensive testing to ensure the highest levels of security and protection.

3rd-party penetration testing

Comprehensive testing to ensure the highest levels of security and protection.

Automated security scans

We use automated scanning tools to continually scan our application and infrastructure for vulnerabilities, including Amazon Inspector and Drata. We also utilize source-code level scanners to identify vulnerabilities in any dependencies.

Cover page and table of contents for Polinode's Information Security Whitepaper.

Additional security practices

Ensuring robust security measures to protect your data at every level.

If you require any additional information on our security practices, please contact us at support@polinode.com. We can provide detailed documentation on our security practices under NDA.

Limit processing to meta-data

We don’t read your email. We only ingest meta-data, ensuring your content remains secure.

Multi-factor authentication

Access to our infrastructure requires strong passwords and multi-factor authentication for added security.

OAuth 2

We use OAuth 2.0 to securely access data from your integrations, allowing you to revoke access anytime.

Separation of environments

We maintain distinct production, staging, and development environments to safeguard your data.

No sensitive payment information stored

Payments are processed through Stripe, ensuring your payment details are never stored.

Security audits

Regular internal audits ensure compliance with our stringent security policies and procedures.

Unlock the hidden insights in your organization

Look past the boxes and lines of traditional org charts and see how your organization actually works.

Request demo

Get started free