Our Commitment to
Industry-Leading Security Practices
SOC2 Certification
Vendori has obtained SOC2 certification and operates within all security recommendations and requirements. The report outlines Vendori’s security commitments and the suitability of the design and operating effectiveness of the controls achieved based on the applicable trust services criteria.
General Security and Compliance Practices
Vendori is evaluating and deploying security industry best-practices across all product, internal, and customer-facing operations as outlined in our internal Policies, Procedures, and Compliance guidelines.
From data management and retention to user access policies and cloud security, the Vendori platform was built with a security-first mindset to keep you and your sensitive information protected.
Application Security
Vendori’s secure application was entirely developed on AWS architecture and in compliance with leading security standards to ensure all our customers’ data stays private. Our application security measures include:
Frequent and ongoing Penetration and Vulnerability Testing
Customer database segregation
Permissions and role management (need-to-know)
SSL / HTTPS Network protocols
SSO access management
Redundant system architecture
Backup and Disaster Recovery
As a result of being a cloud-native company, Vendori benefits from industry-leading backup and disaster recovery availability from our cloud hosting providers (AWS) and related services.
Production data is mirrored to remote systems and automatically backed up daily to an offsite location and if our service availability is ever interrupted, we can easily recover functionality in the backup data center. We review this procedure annually to ensure SLA adherence.
Data Centers
Vendori leverages only industry-leading technology solution providers. Our platform was built for and continues to be managed on AWS cloud infrastructure.
Third party applications and infrastructure providers undergo a frequent supplier review cadence to ensure all security protocols and requirements are met and current.
