agencyEZ Security & Compliance
Our platform is a highly-secured, private-cloud environment in Amazon Web Services (AWS) with 24-hour, 7-day-a-week access for employees, employers, agencies, and carriers.
How we keep our platform and customers secure.
SOC 2 and HIPAA Compliant
uOur SOC and HIPPA-compliant application uses a comprehensive proprietary framework that weaves into the underlying Server Security Infrastructure.
We use a compliance monitoring third-party software (Vanta) for a continued adherence with SOC 2 compliance.
Restricted Server Access
Key application infrastructure servers are hosted in a VPC environment with no public visibility. Access requires a private key file. Servers are further protected by a Web Application Firewall following OWASP guidelines to prevent security threats.
Information Services via Secure API
Our security architecture uses a stateless model that provides information services using a secured API. These services help understand a user’s identity to guarantee that only information specific to that user is shown.
Multi-Factor Administrative Accounts
Our administrative AWS accounts are subject to multi-factor authentication upon every login via Google Authenticator. Our development and production sites are maintained independently.