How does Altostrat secure my data?

Altostrat implements a layered security approach that includes encryption (in transit and at rest), granular access controls (Okta SAML + biometrics), regular audits, and strict DevSecOps best practices guided by the AWS Well-Architected Framework.

Are you compliant with any industry standards?

While we are not currently SOC 2 certified ourselves, we follow AWS WARF guidelines and rely on SOC 2 certified partners (including AWS and Vultr). We also comply with GDPR and maintain robust security controls that align with industry best practices.

How does Altostrat handle security incidents?

We have a dedicated incident response team that investigates and communicates promptly should any incident arise. We also partner with Vultr and AWS teams when necessary, leveraging their documented incident management processes.

Does Altostrat offer multi-factor authentication?

Yes. We require MFA for all user accounts in our system to provide an extra layer of security beyond just passwords.

How can I report a security vulnerability?

Please email security@altostrat.io with detailed steps to reproduce the issue. We request that you do not publicly disclose the vulnerability until we've had the opportunity to address it.

Where is my data stored?

Your data is stored in secure AWS data centers, with some VPN infrastructure hosted by Vultr (ISO 27001 and SOC 2 certified) for optimized connectivity. Both providers have stringent physical and logical security measures.

Enterprise-Grade Security & Data Protection