Best-in-Class Security, Designed for Enterprise Standards

Our platform is built with enterprise-grade security to protect your data. Aivo, an Engageware Company, upholds best-in-class industry security standards, protocols, procedures and training across our global platform.

Seamless Security Integration

Infrastructure

Our products utilize both the AWS and GCP clouds to deliver best-in-class service. Our products are delivered in a high-availability architecture using multiple Availability Zones and are secured using endpoint protection technologies like EDR, along with network segregation and frequent patching.

Application

Our applications are engineered to follow OWASP secure coding best practices. Our SDLC employs third-party security checks, vulnerability detection, and peer reviews, and includes multiple QA and UAT environments. Application penetration tests occur regularly.

Data

Protection of your data is important to us. We comply with data privacy standards such as GDPR, CCPA, and the PDPA. In-transit and at-rest encryption using secure protocols and ciphers is enforced.

Personnel

All personnel at Aivo, an Engageware Company, are required to undergo security and data protection training every year. Monthly refresher training courses and consistent phishing tests help keep us ready. Comprehensive background checks and annual policy reviews help keep our policies and procedures top of mind for the entire staff.

We’re enterprise ready, deploying with the highest security and encryption industry standards

SOC 2

Aivo, an Engageware Company, safeguards client information with strict adherence to SOC 2 standards. Our SOC 2 compliance certifies that we have implemented robust controls, including data encryption, access management, and 24/7 system monitoring, to protect sensitive data.

GDPR

Aivo, an Engageware Company, is in compliance with the General Data Protection Regulation (GDPR). We ensure that your personal information is handled with the utmost care. Our products are designed to give you control over your data. You have the right to access, correct and delete personal data at any time.

ISO/IEC 27001

Our Conversational AI products at Aivo, an Engageware Company, are also certified against the Information Security Management standard ISO/IEC 27001. This standard ensures our products meet rigorous international standards for managing and protecting data.

Frequently Asked Questions

How do you segment environments?

Our production environment is completely separate from DEV, TEST and QA. We leverage multi-factor authentication and RBAC permissions from our corporate Identity Provider to provide auditable access controls to only those who need it.

How do you ensure Data Protection?

To guarantee data protection, we use strict access controls along with robust encryption.

Our staff doesn’t access or interact with customer data or applications as part of normal operations. All of our Enterprise customers’ data is encrypted using TLS 1.2 or higher protocols. Implementing TLS establishes the use of strong, industry-approved encryption.

Data stored at rest is encrypted using the AES-256 algorithm.

How do you handle High Availability?

All applications are supported by redundant services across 2 or more zones (data centers). This helps ensure that even with a zone outage, our service will still be available.

Database replication has also been implemented with a master-slave setup, each with automatic replication in a different zone. This deployment automatically provides and maintains synchronous standby replication within a different availability zone.

The entire solution is behind a load balancing cluster that handles distributing the workload among all the instances.

How is Data Isolated?

We offer our services through multi-tenant architecture. This means the application and infrastructure are shared among several customers.

To ensure the confidentiality, integrity and availability of customer information, our solution ensures that:
Each customer can only access their own data and metadata
Dynamic scalability to satisfy peak demand
Each customer can only see their settings and customizations

What is your Data Privacy policy?

We are GDPR-compliant. We protect the personal data of customers and users thanks to specially designed technical, physical and administrative security measures.

The data we collect is strictly detailed in our Privacy Policy.

We only use the collected information in accordance with this policy and for specifically stated reasons.

We guarantee the data protection rights of customers and users and provide a way to exercise them effectively.

If you have any concerns, contact security@aivo.co.

Do you support Single Sign-On (SSO)?

Yes. We support any SAML-based SSO Identity Provider. We actively encourage the use of Single Sign-On.

Compliance with security/audit framework

At Aivo, we have our own ISO certifications (ISO 27001 and ISO 9000), ensuring compliance with legal requirements and secure handling of information. The remaining certifications are from our cloud infrastructure provider, Amazon Web Services (AWS, aws.amazon.com/security).

Segmentation of environments

Our production environment is completely separate from DEV, TEST and QA. Aivo doesn't use data from the production environment in other environments.

We have AWS IAM to manage separate and restricted AWS credentials for each of our environments. This limits the services available for each environment and divides them into compartments.

Thanks to strict role-based access control (RBAC), we avoid any type of incorrect access. We also use two-factor authentication for this kind of access.

Data protection

To guarantee data protection, we use strict access controls along with robust encryption.

Aivo staff doesn't access or interact with customer data or applications as part of normal operations, unless requested or as required by law.

All of our customers’ data (whether stored or traveling over public networks) is encrypted using TLS 1.2 or higher. Implementing TLS establishes the use of strong, industry-approved encryption.

Databases are encrypted using the AES-256 algorithm.

High availability

Aivo has developed a high availability setup based on active-active clusters, supported by the use of multiple zones, ensuring that each service is active in at least three computer centers simultaneously.

Database replication has also been implemented with a master-slave setup, each with automatic replication in a different zone. This deployment automatically provides and maintains synchronous standby replication within a different availability zone.

The entire solution is behind a load balancing cluster that handles distributing the workload among all the instances.

Data isolation

We offer our services through multi-tenant architecture. This means the application and infrastructure are shared among several customers.

To ensure the confidentiality, integrity and availability of customer information, our solution ensures that:

Data privacy

We are GDPR-compliant. We protect the personal data of customers and users thanks to specially designed technical, physical and administrative security measures.

We don't store sensitive customer information. The data we collect is strictly detailed in our Privacy Policy.

We only use the collected information in accordance with this policy and for specifically stated reasons.

We guarantee the data protection rights of customers and users and provide a way to exercise them effectively.

If you have any concerns, contact our Privacy Officer: Florencia Scarafía (legal@aivo.co).

Security in apps and infrastructure

We have external providers that regularly analyze and monitor our apps and network to detect vulnerabilities. This helps us avoid potential security problems on our apps, servers and network layers. Assessments include:

We also perform regular static and dynamic code reviews.

Single sign-on (SSO)

Honoring our commitment to constantly improve cybersecurity, Aivo added SSO access to the platform. You can log in to my.aivo.co through different protocols, such as SAML.

With a single point for login and credentials, productivity and user experience are enhanced. At the same time, it reinforces the company's security against the threats of modern digital life.

Incident management policy

All system events are recorded in a central registry, with any unusual event marked for review.

All user actions are recorded in a secure access log, which captures the user's information, the timestamp, the IP address, etc., and the resources that are accessed. This information can then be retrieved quickly if a forensic investigation is needed.

We plan to always inform our customers about incidents related to their data security (as soon as it's safe and wise to do so), and we'll share any relevant information to allow customers to take any necessary steps on their end.

Any questions about security?

We're working non-stop to ensure our system is as secure as possible. If you have any questions, contact our security team at security@aivo.co.