Data Security
Protecting your data and helping you comply with global standards
SysAid follows strict international standards and regulations in order to keep your information safe
ISO 27017 Certificate
ISO 27001 Certificate
ISO 27018 Certificate
SOC2 Type 2 Certificate
Security Framework Highlights
SysAid Cloud Security and Compliance Standards
SysAid Security Information
Your security is everything
SysAid values and appreciates security researchers that do the right thing and help make the world a bit more secure. Our promise is to always be open to discovering vulnerabilities that were not previously recognized. If you think you’ve found a gap in our armor and want to let us know, please leave your report here.
A dedicated security team
Secured Platform
In-House Security Measures
SysAid Copilot: Building on a Foundation of Security
Your data security is our top priority. We are SOC2 certified and compliant with GDPR standards.
SysAid Copilot, like all SysAid products, has been built from the ground up with a strong commitment to a security-first mindset. This document serves as a comprehensive guide, outlining the details of our approach to building the SysAid Copilot system.
Which Generative AI Technology powers SysAid Copilot
SysAid Copilot utilizes OpenAI’s leading Large Language Models, GPT-3.5 Turbo and GPT-4 Turbo. By default, both models are accessed through Microsoft Azure OpenAI Services, which provides the security and enterprise promise of Azure, with no usage of ChatGPT or ChatGPT Enterprise. You can find more details about Azure OpenAI Service data security here.
SysAid Copilot customers have the option to choose OpenAI API as an alternative to Azure OpenAI Services, meaning access to more frequent model updates.
Data, privacy, and security for Microsoft Azure OpenAI Service
You can find more information here.
Our clear procedures and automated controls ensure that your data is under lock and key while you always maintain control over your data.
As industry leaders, we adhere to strict international standards and regulations and are ISO and SOC2 Type 2 certified. In addition, our data centers are also SOC2 and ISO 27001 compliant. We use standard secured network protocols and encryption via Secure Sockets Layer/Transport Layer Security (SSL/TLS) encrypted channels to protect customer data and ensure data privacy and protection whenever data is in transit.
Built-in encryption (AES-256) is incorporated into the SysAid environment to protect customer data and ensure data privacy and protection for data at rest.
SysAid authenticates all users with a unique ID and password by default (saving and encrypting the information in our database). Users can choose whether they want to allow password caching or not. Access to all API resources is always authenticated.
SysAid supports different types of SSO solutions (Microsoft Azure, Microsoft ADFS, Google GSuite SSO, OKTA, and OneLogin) permitting customers to implement Single Sign-On (SSO) in accordance with their own access policies.
Both SysAid employees and contractors sign confidentiality agreements upon commencing work with SysAid.
While privacy laws may vary between jurisdictions, SysAid is committed to protecting personal data in accordance with our Privacy Policy and customary industry standards.
We are audited annually in order to continuously improve and expand our security procedures and meet or exceed ever-evolving compliance requirements.
SysAid Cloud is hosted in third-party state-of-the-art data centers across three primary regions: US, Europe, and Asia Pacific (other locations may be available by request). Our entire production infrastructure and application rely on AWS, the leading global Cloud Services Provider. Amazon maintains and demonstrates SSAE-16 SOC 1, 2 and 3, ISO 27001, and FedRAMP/FISMA reports and certifications. Web servers and databases run on servers in secure data centers.
As part of our security measures, we automatically update and deploy security patches with each version update and proactively perform periodic vulnerability scans and penetration tests.
We work alongside independent and accredited information security companies to perform regular penetration tests and monitor malicious activity and unauthorized behavior to protect SysAid’s AWS accounts, workloads, and data stored in AWS.
See our SysAid Vulnerability Disclosure Policy (VDP) for more details.
As part of our multilayered-protection approach, our Disaster Recovery Plan includes mitigations for numerous scenarios including DoS & DDoS attacks.
In addition to standard AWS backups, which are performed regularly, SysAid also uses its own internal tools to back up each customer’s database daily. Learn more about backups here.
If you have a security question, please contact our Security Team.