We know that your businesses need to develop strong and lasting relationships with your vendors to build confidence that we can be trusted to deliver your workloads. Part of that is through certifications, audits, and continual refinement of our practices. At Yoxel, Inc., the Aurinko API product underscores our steadfast dedication to security in the ever-changing digital landscape.
SOC 2
Yoxel, Inc. is actively working toward SOC 2 certification, with a specific focus on the security of its Aurinko API. We are undergoing this process with our vendor, TrustCloud. After completion, we plan to publish a compliance portal via our vendor.
Highly motivated customers who are in the process of securing SOC2 certification can request a security questionnaire where the Yoxel team will provide relevant information.
No Longer Hosted on Heroku
To enhance our security posture and ensure compliance with SOC 2 standards, we have migrated Aurinko to a cloud provider that offers robust security controls.
Key Tenets of Aurinko API’s Security Framework
-
Proactive Risk Management: At Yoxel, we meticulously manage risks, promptly identifying, assessing, and mitigating vulnerabilities. This process ensures the implementation of protective measures that are continuously scrutinized to safeguard your data.
-
Data Fortification: Within the Aurinko API infrastructure, data is considered a paramount asset. Therefore, all customer data is subject to robust encryption measures during active transmission, ensuring its confidentiality.
- Our provider’s managed database service provides trusted sources control and encryption at rest, ensuring that data stored in the database is protected even when it’s not actively in use.
- The managed database service incorporates continuous data protection, which means our data is regularly backed up and can be restored to a specific point in time, reducing the risk of data loss in case of unexpected events or errors.
-
Mandatory VPN Connections: To bolster data communication security, we mandate VPN connections within our operations. These connections are fortified with advanced security features, ensuring the inaccessibility of data during transit.
-
Device Encryption: Laptops used within our operations are encrypted, providing an additional layer of protection against unauthorized data access and potential physical breaches.
-
Access Control: Our comprehensive access control system ensures that only vetted and authorized individuals gain access to critical data and systems. Role-based access, combined with multifactor authentication, ensures data access on a need-to-know basis.
-
Robust Cloud Backups: All instances within the Aurinko API’s cloud system are regularly backed up.
-
Penetration Testing and Vulnerability Assessments: Third party security testing of the Aurinko API product is performed by independent and reputable security consulting firms. Findings from each assessment are reviewed with the assessors, risk ranked, and assigned to the responsible team.
-
Continuous Enhancement: In a constantly evolving digital landscape, Aurinko API remains committed to refining and enhancing its security measures. This ensures that our practices stay in lockstep with the latest industry advancements and challenges.
Aurinko API’s Commitment to Cybersecurity
Yoxel, Inc. with its Aurinko API product remains resolute in its mission to safeguard client data and uphold the integrity of its cloud ecosystem. We acknowledge the vital role of cybersecurity in today’s landscape and continuously invest in enhancing our security protocols. Our approach is not only rooted in our core commitment but is also shaped and fine-tuned through insights from industry-leading security standards.