Data Security

Protecting your data and helping you comply with global standards

SysAid follows strict international standards and regulations in order to keep your information safe.

ISO 27017 Certificate

ISO 27001 Certificate

ISO 27018 Certificate

SOC2 Type 2 Certificate

Security Framework Highlights

SysAid Cloud Security and Compliance Standards

SysAid Security Information

Your security is everything

SysAid values and appreciates security researchers that do the right thing and help make the world a bit more secure. Our promise is to always be open to discovering vulnerabilities that were not previously recognized. If you think you’ve found a gap in our armor and want to let us know, please leave your report here.

SysAid Copilot: Building on a Foundation of Security

Your data security is our top priority: we are SOC2 certified and compliant with GDPR standards.
SysAid Copilot, like all SysAid products, has been built from the ground up with a strong commitment to a security-first mindset. This document serves as a comprehensive guide, outlining the details of our approach to building the SysAid Copilot system.



Which Generative AI Technology powers SysAid Copilot

SysAid Copilot utilizes OpenAI’s leading Large Language Models, GPT-3.5 Turbo and GPT-4 Turbo. By default, both models are used through Microsoft Azure OpenAI Services, which provides the security and enterprise promise of Azure, with no usage of ChatGPT or ChatGPT Enterprise. You can find more details about Azure OpenAI Service data security here.

SysAid Copilot customers have the option to choose OpenAI API as an alternative to Azure OpenAI Services, meaning access to more frequent model updates.

Data, privacy, and security for Microsoft Azure OpenAI Service
You can find more information here.

Privacy, Security, and Trust Are Top of Mind Here at SysAid

Our clear procedures and automated controls ensure that your data is under lock and key while you always maintain control over your data.

Infrastructure Security

As industry leaders, we adhere to strict international standards and regulations and are ISO and SOC2 Type 2 certified. In addition, our data centers are also SOC2 and ISO 27001 compliant. We use standard secured network protocols and encryption via Secure Sockets Layer/Transport Layer Security (SSL/TLS) encrypted channels to protect customer data and ensure data privacy and protection whenever data is in transit.

 

Encryption

Built-in encryption (AES-256) is incorporated into the SysAid environment to protect customer data and ensure data privacy and protection for data at rest.

Authentication Requirements

SysAid authenticates all users with a unique ID and password by default (saving and encrypting the information in our database). Users can choose whether they want to allow password caching or not. Access to all API resources is always authenticated.

SAML & MFA

SysAid supports different types of SSO solutions (Microsoft Azure, Microsoft ADFS, Google GSuite SSO, OKTA, and OneLogin) permitting customers to implement Single Sign-On (SSO) in accordance with their own access policies.

Confidentiality

Both SysAid employees and contractors sign confidentiality agreements upon commencing work with SysAid.

While privacy laws may vary between jurisdictions, SysAid is committed to protecting personal data in accordance with our Privacy Policy and customary industry standards.

Annual Third-Party Audits

We are audited annually in order to continuously improve and expand our security procedures and meet or exceed ever-evolving compliance requirements.

Cloud Data Storage

SysAid Cloud is hosted in third-party state-of-the-art data centers across three primary regions: US, Europe, and Asia Pacific (other locations may be available by request). Our entire production infrastructure and application utilize and rely on AWS, the leading global Cloud Services Provider. Amazon maintains and demonstrates SSAE-16 SOC 1, 2 and 3, ISO 27001, and FedRAMP/FISMA reports and certifications. Web servers and databases run on servers in secure data centers.

Penetration Tests and Vulnerability Scans

As part of our security measures, we automatically update and deploy security patches with each version update and proactively perform periodic vulnerability scans and penetration tests.

We work alongside independent and accredited information security companies to perform regular penetration tests and monitor malicious activity and unauthorized behavior to protect SysAid’s AWS accounts, workloads, and data stored in AWS.

See our SysAid Vulnerability Disclosure Policy (VDP) for more details.

DDoS Protection

As part of our multilayered-protection approach, our Disaster Recovery Plan includes mitigations for numerous scenarios including DoS & DDoS attacks.

Data Backup

In addition to standard AWS backups, which are performed regularly, SysAid also uses our internal tools to back up each customer’s database daily. Learn more about backups here.

If you have a security question, please contact our Security Team.

