Putting security first
Built from the ground up to safeguard your data. Interfold is SOC2 certified and follows the criteria set forth by the SOC 2 Framework.
Information Security Program:
At Interfold, security is our top priority. Interfold’s Information Security Program weaves best practices into our engineering architecture, software development, and culture. Our Information Security Program follows the criteria set forth by the SOC 2 Framework.
Below, we describe examples of the measures that we take to protect the data, security, and privacy of clients and the client’s customers.
Compliant with global data protection and security frameworks
Passwords/Sensitive Data
All sensitive data and passwords are stored securely with enterprise-grade encryption.
AES-256 encryption standard
We use an AES-256 encryption standard to keep data private and secure.
Server Side Encryption with KMS (SSE-KMS)
Financial documents are stored using Server Side Encryption with KMS (SSE-KMS) and AES-256 GCM encryption standard. We use enterprise-grade key management with restricted access.
Access Security
Access Control
No employee will have access to a customer’s financial data - all such access will be restricted and will only be provided to resolve/triage production issues. When employees leave the company we revoke their access to the code base and other resources.
Authentication
We use industry-leading authentication for Identity and Access Management (IAM).
Code Base
Access to code base is protected by 2 Factor Authentication (2FA).
Other
Vendor and Risk Management:
Every vendor we engage is thoroughly vetted for their security posture and security practices followed evaluated.
Software Development Process
Code is stored and maintained in secure version control systems with access gated by 2 Factor Authentication (2FA). Code commits are peer reviewed and code architecture is overseen by senior engineers.
Grow With Interfold
Modernize user experiences with Interfold
2024 Interfold. All rights reserved