Security at WiseAlpha

Security at all levels

We’re committed to your security and keep it at the heart of our products, infrastructure and policies to protect your accounts and data.

WiseAlpha uses the most sophisticated technologies and best practices available to ensure that our technology stack, accounts and data, as well as networks and physical access across our organisation, have the highest security and privacy.

Governance

WiseAlpha sets policies and controls, oversees adherence to these controls, and demonstrates our security and compliance to external auditors.

Our policies are based on the following principles:

  • Access should be limited to only those with a legitimate business need and granted based on the principle of least privilege.
  • Security controls should be applied consistently across all areas of the organisation.
  • The application of controls should evolve iteratively, advancing in terms of enhanced effectiveness, heightened auditability, and reduced friction over time.

Security and Compliance

WiseAlpha maintains an ISO 27001 compliance certification and is working towards a SOC 2 Type II attestation.

Data protection

Protecting the environment

WiseAlpha leverages the built-in security services of AWS (ISO 27001 compliant) and adds further protections. We use dedicated, redundant firewall and intrusion detection systems, separated and managed environment instances, proactive 24/7 system monitoring, and regular Internet security and vulnerability testing, including:

  • Annual penetration tests
  • Static analysis (SAST) testing of code during pull requests and on an ongoing basis
  • Dynamic analysis (DAST) of running applications
  • Dependency scanning to prevent the introduction of malware into our software supply chain

WiseAlpha also uses multi-factor authentication, role-based account access, and HTTPS (TLS 1.2 or later) for communications.

Protecting your data

With industry-standard data protection, all data in transit and at rest that interconnects with our datacenters is automatically encrypted, including encryption using 256-bit Advanced Encryption Standard (AES). Firewalls, Data Loss Prevention (DLP) and close log and activity monitoring provide added protection. Your data is only accessed by those who use it. Encryption keys are managed via AWS Key Management System (KMS). Application secrets are encrypted and stored securely via AWS Secrets Manager and Parameter Store, and access to these values is strictly limited.

Protecting your privacy

WiseAlpha ensures that our technology stack, accounts and data, as well as networks and physical access across our organisation, have the highest security and privacy. Data access is limited by role, least privilege and need to access according to data protection regulations and contract agreements. We use background checks, staff training, policies and independent, comprehensive compliance audits to verify security.

Protecting the organisation

Security at WiseAlpha is everybody's responsibility. We utilise a dedicated security and compliance team and tooling that provides ongoing guidance and continually advances security. WiseAlpha uses security awareness, training and regular assessments to build in security. Protecting the organisation also includes backup, business continuity and disaster recovery practices. All corporate devices are centrally managed and are equipped with mobile device management software and anti-malware protection. Endpoint security alerts are monitored with continuous coverage. We use MDM software to enforce secure configuration of endpoints, such as disk encryption, screen lock configuration, and software updates.

Protecting the software environment

WiseAlpha builds security controls into our software. We implement secure SDLC practices, encrypted password storage, and tightly controlled and monitored access to development, testing and operational environments. Multi-factor authentication is used for all system access, and for SSO and integrations we support industry standards like OpenID Connect and SAML.