Vestorly Security and Privacy

Category: Security

SECURITY

Vestorly’s security features are built for the enterprise.

  • Webpages are hosted over SHA-256 bit SSL
  • Secured off-site data storage
  • Multi-factored authentication
  • Industry standard JWT

 

Bank Level Security

Vestorly follows the industry standard security practices for safeguarding enterprise customer data. This includes following the Security Development Lifecycle for software development that helps ensure secure software and security compliance, and use of 128-bit security sockets layer for privileged communication. Vestorly will never store or maintain active account or portfolio data, only marketing activity data and demographics. PII and client data is not shared any 3rd parties.

 

SAML and SSO Integration

Vestorly integrates into your existing applications or dashboard using SAML 2.0 SSO.

Vestorly integrates into your CMS via standard Atom/RSS feeds

 

Vestorly Security Development Lifecycle

  • Ensures secure software through security compliance
  • Security reviews and automated security testing
  • 24/7 monitoring
  • Intrusion detection
  • TLS-only AES encrypted SSL channels
  • Wide use and support of MFA
  • JWT (JSON Web Tokens)

cycle

PRIVACY

  • Only low-grade PII (Name, Email) and behavioral event data
  • Flexible privacy statements in place for notification
  • Best practices management around subscription settings and list management
  • SOC 2 / SASS16 Cloud Infrastructure