If You Would Like Us to Keep You Updated on Events And News, Please Sign Up Here
Building Customer Trust at Scale
The People.ai information security program is based on the NIST and ISO 27001 frameworks. Security and privacy are built into the People.ai foundation, in both the products that we offer and in the day-to-day work of every People.ai employee. We have designed security and privacy controls that protect the data entrusted to us and give us the ability to determine and assess the security posture of the organization.
In our information security program, we strive to:
- Ensure the security of the data entrusted to People.ai by our customers
- Continuously build trust and confidence
- Become a first-in-class example of security done right for SaaS providers through strategic investments in information security across the organization
People.ai is transparent with our customers and prospective customers on our security and privacy controls around their data. We collaborate with our customers in order to build trust and ensure that our customers maintain a level of comfort in sharing data with People.ai. People.ai completes an annual SOC 2 certification as well as ISO 27001 certification, both of which are available to all customers. In addition to these certifications, People.ai has also completed a Google OAuth Verification and CSA STAR Level 1 Attestation. People.ai also maintains a Status Page with updates on the People.ai application that customers can subscribe to for alerts on any potential issues.
All data provided to People.ai by our customers is encrypted at rest and in transit within the boundaries of the People.ai environment. Customer data in our systems is protected from loss, misuse, and unauthorized access, disclosure, alteration, and destruction.
People.ai has implemented an incident response program in line with ISO 27001 to identify, investigate, and remediate any potential security incidents. People.ai partners with customers to provide transparency in our incident response process and to work with customers in the event of a security incident impacting their services.
People.ai provides a 99.5% uptime SLA by running in a highly available AWS environment, including the use of AWS Shield for DDoS protections.
We’re compliant with GDPR and CCPA. Please visit the People.ai Privacy Statement for more information.
Risk Awareness and Vulnerability Monitoring
People.ai performs continuous risk assessments in line with ISO 27001 requirements to ensure an ongoing and comprehensive view of overall risk, including fraud risk. We also continuously monitor our environment to ensure that vulnerabilities are identified and remediated in accordance with CVSS scores and potential impacts to the People.ai environment.
Amazon Web Services is our IaaS hosting partner, providing leading-edge physical security and environmental controls that protect the data entrusted to People.ai by our customers. We have also implemented extensive security measures on endpoint devices and at office locations to ensure that sensitive information is accessed and viewed only by those with the proper credentials and business need.
People.ai understands that who we choose as our third-party suppliers and vendors has a direct impact on our customers and the trust we have built with them. We strive to ensure that any third-party vendors or suppliers meet or exceed our expectations when it comes to security and privacy controls. A list of the People.ai sub-processors and vendors can be found here.
A Candid Conversation Between Savanna and Aman
Meet our Chief Information Security Officer, Aman Sirohi, and Compliance Manager in Engineering, Savanna Myer