Information Security
Overview
Devensoft is ISO 27001 compliant and SOC 2 Type II audited annually.
We are trusted by some of the largest global companies to safeguard their data.
Along with its infrastructure partner Amazon Web Services (AWS), Devensoft supports a vast array of compliance programs. With many global public companies on our M&A platform, we are committed to protecting our customers’ data across the globe.
Your Privacy & Data Security
We know customers care deeply about their privacy and data security. That’s why we have implemented sophisticated technical and physical controls designed to prevent unauthorized access to your information.
Your Privacy & Data Security
We know customers care deeply about their privacy and data security. That’s why we have implemented sophisticated technical and physical controls designed to prevent unauthorized access to your information.
Access
Customers can manage access to their application instance and content. We provide an advanced set of data access and logging features to help you do this effectively. We support both user and role based permissions.
Encryption
We provide strong encryption for content in transit using SSL and at rest using AES 256-bit encryption.
Database Security
All data at rest is secured using disk-level encryption. All data that is backed up is equally encrypted.
Audit Logs
The application tracks all logins and data changes at a data field-level by user. A comprehensive Audit Report can be run by the customer at any time.
Storage
Our primary hosting region is in the US East (Northern Virginia). However, customers may elect our EU hosting region to process and store their data based on their legal and regulatory requirements.
Customer Data
You maintain ownership of your data at all times. You can export and import your data at any given time.
Single Sign On & MFA
We support SSO for Active Directory, PingID, Okta and other identity providers and Multi Factor Authentication.
Intrusion & Malware Protection
We use state-of-the-art security software that provides intrusion detection and prevention, anti-malware, file and system integrity monitoring, and log inspection.

SOC Reports
The SOC 2 Security & Availability and SOC 3 Security Reports are prepared in accordance with Attestation Standard Section 101 (AT 101) which is a standard that enables an auditor to report on subject matter other than financial statements based on the AICPA Guide Reporting on Controls at a Service Organization Relevant to Security Availability, Processing Integrity, Confidentiality, or Privacy and Trust Services Principles and Criteria.

EU GDPR Compliance
Devensoft customers can choose to use one region, all regions or any combination of regions where their data will be stored. This allows customers with specific geographic requirements to establish environments in a location(s) of their choice.

Cloud Security Alliance

SOC Reports
The SOC 2 Security & Availability and SOC 3 Security Reports are prepared in accordance with Attestation Standard Section 101 (AT 101) which is a standard that enables an auditor to report on subject matter other than financial statements based on the AICPA Guide Reporting on Controls at a Service Organization Relevant to Security Availability, Processing Integrity, Confidentiality, or Privacy and Trust Services Principles and Criteria.

ISO 27001 Certified

EU GDPR Compliance
Devensoft customers can choose to use one region, all regions or any combination of regions where their data will be stored. This allows customers with specific geographic requirements to establish environments in a location(s) of their choice.
