Security Practices

At Alloy, we take security very seriously. In fact, we take a number of steps to mitigate any security risk. Alloy is SOC 2 Type I and II Compliant and undergoes a regular SOC audit yearly. We work with a 3rd Party monitoring system to ensure continuous compliance. Potential customers can reach out to us to request a copy of our SOC 2 Report.

SOC 2 is a report based on the Auditing Standards Board of the American Institute of Certified Public Accountants' (AICPA) existing Trust Services Criteria (TSC). The purpose of this report is to evaluate an organization’s information systems relevant to security, availability, processing integrity, confidentiality, and privacy.

In addition to SOC 2, Alloy is HIPAA, CCPA and GDPR Compliant and offers endpoints to allow Embedded customers to easily request data deletion in compliance with GDPR standards.