Sixfold Security Commitments


The protection of your data and privacy is our top priority.

Information Security Policy
Sixfold has defined and published a set of information security policies which includes:

  • Comprehensive and well-defined information security policy governing all aspects of data protection and handling.
  • Regularly updated and reviewed policies to adapt to emerging threats and industry best practices.
  • Ingrained security culture ensuring all team members understand and adhere to the information security policy.
Logging and Monitoring
  • Continuous logging and monitoring of system activities to detect and respond to potential security threats.
  • Real-time monitoring of critical systems to ensure timely identification of security incidents.
  • Proactive measures to prevent abuse and misuse, with data retained for monitoring purposes for a limited period.
Security for Software
as a Service
  • Cloud-native SaaS platform with global availability and built-in redundancy on Amazon Web Services (AWS).
  • Single-tenant environments for each customer, ensuring data segregation, customization of models and the highest level of protection for customer data.
  • We enhance security with real-time monitoring tools for cloud configuration and container integrity, web application firewalls, and other security controls.
Incident Management and Disaster Recovery
  • Well-defined incident management procedures to respond swiftly and effectively to security incidents.
  • Documented processes to address privacy-related complaints and communicate resolutions to individuals.
  • Comprehensive disaster recovery plans to minimize downtime in the event of an unexpected incident.
  • Continuous improvement of incident management practices based on lessons learned.
Network Security
  • Robust network security measures, including encryption of data in-transit and at rest.
  • Leverage of Amazon AWS infrastructure expertise to maintain a secure cloud platform.
  • Regular monitoring and auditing of network activity to detect and prevent unauthorized access.
Encryption
  • Strong encryption protocols employed to safeguard customer data.
  • Encryption of all customer data both in transit and at rest to ensure confidentiality.
  • Implementation of safeguards to prevent the sending of personally identifiable information (PII) to externally hosted language models.
Access Management
  • Customers maintain exclusive access to their data, and access by Sixfold employees requires explicit customer permission.
  • Provisioning of system access only upon formal independent approval.
  • Ongoing monitoring and review of user access to prevent unauthorized access.
Change Management
  • Secure software development lifecycle with precautions to reduce security risks during code development.
  • Thorough triaging, threat modeling, and vulnerability scanning of all code changes.
  • Code peer- and security-reviewed prior to final commit, accompanied by unit and integration tests.
Security Assessments
  • Rigorous and continuous assessments of the Sixfold platform's security to identify and address potential vulnerabilities.
  • Regular penetration testing to validate the effectiveness of security measures.
Availability
  • Regularly updated platform with no scheduled downtime for maintenance.
  • Built-in redundancy to ensure high availability of services.