Pontera systems are on a private network, behind multiple independent levels of firewall and within a physically and electronically secured facility. Access to Pontera's servers is restricted to a limited number of administrators with personal access keys, restricted IPs, and secure channels.
SOC 2 Type II compliant
Pontera is SOC 2 compliant, indicating our use of industry-leading standards for information security. Available upon request, Pontera's SOC 2 Type II report has been issued by EY and covers the AICPA’s Trust Services Principles and Criteria for Security, Availability, Confidentiality, and Privacy.
Pontera uses bank-level encryption on data in transit and at rest. This includes HTTPs encryption for communications between Pontera customers and the website; TLS (1.2+) between the client and Pontera servers, and AES 256-bit encryption on all data.
Monitoring and insurance
Pontera employs system monitoring, vulnerability testing, and regular penetration testing– as well as asset management best practices. The Company holds cybersecurity insurance through AIG as well as crime insurance through Heritage Insurance.