Resource Center

Data protection and data security at Advizr

We take security very seriously at Advizr. This is how Advizr secures your data.

Application Architecture and Security

Advizr is a multi-tier application built using the latest and most secure web technologies. The front end is built using HTML 5 and JavaScript. The back end is built using Microsoft's .NET framework. Data is stored in a MySQL database and an Amazon DynamoDB database.

Infrastructure Security

Advizr is hosted on Amazon Web Services (AWS). We rely on Amazon’s world-class platform as a service to run in a secure, scalable and compliant environment.

Amazon’s infrastructure implements SOC1 compliance guidelines (formerly known as SSAE 16 and SAS 70). As such, Advizr leverages all of Amazon’s compliance and security features, from their ultra-secure data centers to their high availability SLA.

For more information, please refer to Amazon’s compliance website (http://aws.amazon.com/compliance/).

Network Security

Advizr utilizes Amazon Virtual Private Cloud (VPC), a logically isolated section of AWS, to provide advanced security and protection. The application servers and databases reside in private subnets. Firewalls and fined-grained network access control lists enable inbound and outbound filtering at the instance level and subnet level. By practicing the principle of least privilege, Advizr’s network is designed to protect against any unauthorized traffic and exposure to the Internet.

Document Vault

Files uploaded to Advizr’s Document Vault are encrypted in transit and at rest providing end to end security and protection. During transport, files are sent using 256-bit SSL/TLS encryption. Files are then stored using AES-256 encryption. Advizr implements strict access controls and policies to enforce privacy and ensure users can only access their files.

Client Data Encryption

Advizr classifies data into two categories. General data that is not related to client information is stored in a secure MySQL database for which access is tightly controlled. More sensitive client data (listed below) is stored in a separate, highly secure database with an extra layer of encryption. This data is encrypted using bank-level 256-bit encryption technology.

Advizr collects and stores the following client information:

  • Full Name
  • Age
  • Email (optional)
  • Names of dependents
  • Ages of dependents
  • Balances of bank accounts
  • Asset value of brokerage and retirement accounts

Advizr does not collect nor store any of the following:

  • Address or phone numbers
  • Bank Account Numbers
  • Social security numbers
  • Credit card numbers.

Access Controls

Advizr implements strict processes and procedures for access to production environments and data. For example, employees cannot access production servers and databases and cannot circumvent account password protection. Only designated development operations personnel are allowed to access these servers for maintenance and upgrades. Furthermore, all access is logged and requires multifactor authentication and access keys that are regularly regenerated. Developers and quality assurance personnel are given access to a separate development environment.

User Management

Advizr provides administrative features such as user account creation, suspension and password reset.

Audit and Deletes

Advizr keeps a detailed audit trail of all user access and activity in the application. Detailed activity reports can be provided to our clients upon request. Moreover, Advizr does not perform hard deletes of client records by default. All data is "soft" deleted by making it invisible to the user.  Permanent deletions of client data can be performed upon request.

Backups and Recovery

To insure data safety, we perform near-real-time and daily backups of our data. In the unlikely event of a loss of data, our data recovery procedure can restore lost data within minutes. 

Data Ownership

All client data is owned by the financial institution or the adviser. We do not share the data with third parties. Advizr might collect anonymous data at the aggregate level for the purpose of providing analytics and improving its product and services.