As a founding team with decades of combined experience in security, we are committed to ensuring security and compliance by creating policies and controls, as well as overseeing adherence to these controls.
As of April, 2024 furl is SOC 2 Type II compliant. This achievement indicates that our handling and processing of customers’ data meets key security standards. The protection of customer data is the highest priority for our team and we’re committed to building a robust security & compliance program. To request access to the furl Trust Center and SOC 2 Type II report, please submit a request at our Trust Center or email support@furl.ai.
All persistent customer data at rest, including S3 buckets, are encrypted. Row-level, customer data segmentation is also employed to ensure customers have confidence in data isolation.
All external data transmission is encrypted in transit according to NIST Cryptographic standards.
All secrets are stored in a secure, encrypted vault. Access to this vault is restricted to a small number of authorized employees. Secrets are never stored in plaintext.
We use automated tools to scan our applications and infrastructure for vulnerabilities. These tools are run on a regular basis.
Our product is designed to avoid dependency on any single LLM service provider. Our results are backed with concrete auditable data to prevent hallucinations. User data is not used to train our models without explicit permission.
Centralized management oversees all corporate devices, each equipped with mobile device management software. Endpoint security alerts receive constant monitoring through 24/7/365 coverage. Our implementation of MDM software ensures the enforcement of secure configurations on endpoints, including disk encryption, screen lock configuration, and software updates.
All employees are required to complete security awareness training on an annual basis. This training covers topics such as phishing, social engineering, and password security.
We conduct security reviews of all third-party vendors that have access to our systems or data. These reviews include a review of the vendor’s security policies and procedures.
We take data privacy seriously. We have implemented a number of measures to ensure that your data is safe and secure. For more information on our privacy practices, please see our Privacy Policy.
If you believe you have found a security vulnerability in furl or have a question relating to our security policies, please contact us at support@furl.ai.
