Enterprise Ready & Compliant
SOC 2 Type 2
Prelay is SOC 2 Type 2 compliant, as audited by an independent firm.
Prelay is GDPR compliant and handles personal data in compliance with EU laws.
Security and Reliability
All data is encrypted at-rest with full-disk encryption using AES-256 or better. All data transmitted to Prelay, or transmitted within the Prelay network, is encrypted in-transit using TLS 1.2 or newer.
Prelay uses Google Cloud Platform (GCP) for hosting of staging and production environments. GCP data centers are protected by 24/7 security monitoring, biometrics, and are ISO 27001 and SOC 1/2/3 certified.
Single Sign-On (SSO)
Prelay offers Single Sign-On, which allows customers to authenticate users using their own systems, eliminating the need for users to maintain and protect additional login credentials.
Fault Tolerance and Data Durability
Prelay deploys multiple redundant application servers and databases with automatic failover to ensure high availability, along with regular automated backups.
Commitment to Security
Prelay employs independent security firms to perform annual penetration testing, to actively uncover and eliminate vulnerabilities in our application.
Employee Security Training
Securing our customer's data is a team effort. Prelay employees undergo annual security training to stay up-to-date with security best practices. Employee laptops are protected by security policies, including strong passwords and full-disk encryption.
Secure Software Development
The Prelay engineering team utilizes secure coding practices, and employs manual and automated vulnerability testing as part of our software development lifecycle.
Restricted Data Access
Access to customer data is limited to authorized employees who require it for their job, data access is logged and protected by two factor authentication.
If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at firstname.lastname@example.org.