Privacy & Security
Privacy & Security
We understand that the privacy and security of your data is vital, so we are committed to providing a highly secure and reliable environment you can trust.
Advizr uses bank-level security and implements and abides by the highest standards across the industry. We conduct a third party security audit (SOC 2) that attests to key compliance controls and objectives
Data Privacy and Security FAQs
Data & Network Security
Is Advizr data encrypted?
All data is encrypted in transit (via 256-bit SSL/TLS encryption) and at rest using AES-256 bit encryption, providing end to end security and protection. Advizr implements strict access controls and policies to enforce privacy.
Where is Advizr data/infrastructure hosted?
Hosted on Amazon Web Services (AWS), we rely on Amazon’s world-class platform as a service to run in a secure, scalable and dependable environment.
How is Advizr’s network protected?
Advizr utilizes Amazon Virtual Private Cloud (VPC), a logically isolated section of AWS, to provide advanced security and protection. The application servers and databases reside in private subnets. Firewalls and fined-grained network access control lists enable inbound and outbound filtering at the instance level and subnet level.
Advizr utilizes advanced intrusion detection and prevention software, as well as real-time network traffic analysis with machine learning algorithms for anomaly detection. By practicing the principle of least privilege, Advizr’s network is designed to protect against any unauthorized traffic and exposure to the Internet.
Does Advizr ever “go down”?
Outage History – Advizr has not experienced any unexpected outages. Any outages that did occur were minor and had little to no disruption of service to our customers. Over the last few years, Advizr’s uptime exceeds 99%.
What measures does Advizr take to insure security and safety?
Advizr uses bank-level security and implements and abides by the highest standards across the industry. We conduct a third party security audit (SOC 2) that attests to key compliance controls and objectives, achieving commitments in:
Does Advizr have a comprehensive security program?
Yes. Advizr implements an extensive security framework based on NIST and ISO27002 guidelines.
Does Advizr have a SOC 2 Report?
Yes. Advizr completes an annual SOC 2 audit, testing our security controls. The report is available upon request.
Does Advizr conduct third party penetration tests and/or vulnerability scans?
Yes. Advizr completes an annual third party penetration test by certified experts. The report is available upon request.
What other measures does Advizr take to insure security?
What controls are in place to protect PII (personally identifiable information)? How is data encrypted in transit and at rest? How is data masked / obfuscated in testing environments?
Advizr utilizes a cybersecurity framework based on NIST. Data is encrypted in transit and at rest (AES-256). Data is not migrated between environments.
Advizr collects and stores the following client information:
Advizr does not collect nor store any of the following:
Is your third party account aggregator safe?
Advizr partners with Quovo. Advizr does not store or maintain account login credentials, those are passed along to Quovo. Review Quovo’s Infosec: https://www.quovo.com/infosec/