Security, Trust, and Compliance at Aurinko

We know that your business needs to develop strong, lasting relationships with your vendors to build confidence that we can be trusted to deliver your workloads. Part of that is through certifications, audits, and the continual refinement of our practices. At Yoxel, Inc., the Aurinko API product underscores our steadfast dedication to data security and privacy.

Our Compliance Roadmap (SOC 2)

Yoxel, Inc. is actively preparing for our formal SOC 2 Type I examination, targeted for Q3/2026. We partner with Secureframe to continuously monitor our security controls against industry standards.

Highly motivated customers who require a deeper look into our security posture prior to our formal report audit can request our security questionnaire package by contacting our team.

Key Tenets of Aurinko API’s Security Framework

  • Enterprise Cloud Infrastructure: The Aurinko API is hosted entirely on premier cloud infrastructure providers that maintain strict physical security controls and are certified to SOC 2 and ISO 27001 standards.
  • Data Encryption: Within the Aurinko API infrastructure, data is treated as a paramount asset. All customer data is encrypted using industry-standard protocols—both in transit (via TLS) and at rest (via AES-256) within our managed database services.
  • Continuous Data Protection: Our managed database architecture incorporates continuous data protection, meaning our data is regularly backed up and can be restored to a specific point in time to prevent data loss.
  • Access Control & MFA: We enforce a comprehensive access control system based on the principle of least privilege. Role-based access control (RBAC), combined with mandatory Multi-Factor Authentication (MFA), ensures that only vetted and authorized individuals gain access to critical systems.
  • Secure Remote Work: To bolster operational security, all internal company communications and engineering access are fortified via secure, monitored VPN connections. All employee workstations are fully encrypted to prevent unauthorized access in the event of physical theft.
  • Penetration Testing & Vulnerability Management: Third-party security testing of the Aurinko API product is performed regularly by independent and reputable security consulting firms. Findings from these assessments are risk-ranked, tracked, and remediated promptly.

Vulnerability Disclosure & Questions

We welcome feedback from the security community. If you have questions about our security practices or believe you have discovered a vulnerability, please reach out to us directly at security@yoxel.com.