Security

At Fund Recs, security is embedded in everything we do, ensuring that our clients' data is protected at every layer. Our platform is designed with advanced security measures, allowing you to trust that your data is always safe and secure.

Compliance

At Fund Recs, we are fully compliant with industry standards and certifications, providing transparency and confidence in our security practices:

  • ISO 27001:2013 Certified – Our security controls have been audited by a third party, and we hold the ISO 27001 certification.

ISO27001

  • SOC 2 Type II – Our platform undergoes regular third-party audits to ensure the effectiveness of our security controls.

21972-312_SOC_NonCPA

  • Cloud Security Alliance STAR Registrant – We participate in the Cloud Security Alliance (CSA) program, enabling clients to verify our adherence to cloud security best practices.

CSA

Information Security

Encryption in Transit

All data sent to or from the Fund Recs platform is encrypted using Transport Layer Security (TLS) 1.2, ensuring secure communication across networks. Our web application is accessible exclusively over HTTPS, with encryption protocols regularly updated to meet industry standards. File transfers are only through secure protocols via SFTP.

Encryption at Rest

Client data is stored using Amazon Web Services (AWS) infrastructure including RDS, Dynamo and S3, where all data at rest is encrypted with AES-256, a trusted encryption standard. All configurations (for example passwords) required by the Fund Recs web application are stored within secret manager and are encrypted 
at rest.

Encryption Keys

Encryption keys are created and managed using AWS-KMS (Key Management Service). The key material is generated within hardware security modules (HSMs) managed by AWS KMS.

Proactive Threat Detection and Monitoring

Fund Recs employs advanced monitoring tools like AWS-Guard Duty and a Security Information and Event Management (SIEM) system to detect, analyze, and respond to potential threats in real time. Our 24/7 monitoring ensures that any suspicious activity is addressed promptly, with automatic alerts to our security team through JIRA for immediate action.

User Access Controls

Authentication

Fund Recs supports Single Sign-On (SSO) via SAML, allowing our clients to enforce their own authentication policies seamlessly.

For added security, multi-factor authentication (MFA) is mandatory for all users, safeguarding access to the platform.

Password Policies

Strong password policies are enforced for Fund Recs web application users.

Role-Based Access

Access within the Fund Recs platform is controlled using custom Identity and Access Management (IAM) roles, ensuring that clients only have access to their specific data. 

Network Access

Clients benefit from network-level access controls such as IP restrictions, ensuring that only authorized networks can access the platform. 

Anti-Virus Scanning

All files uploaded by users are scanned for malicious content. Applications block the usage of a file if any malicious content is found.

Stability and Availability

High Availability and Disaster Recovery

Fund Recs' infrastructure is designed with resilience in mind. We have load balancing in place and automatic failover to multiple backups sites in the event of a disaster.

Data Segregation

Client data is stored in dedicated environments, with separate encryption keys for each client to prevent data overlap. This ensures that each client’s data remains isolated and secure.

SOC logo

Fund Recs SOC 2 Type 2 Compliant

Fund Recs System and Organization Controls (SOC) Type 2 Report is an independent third-party examination report that demonstrates how Fund Recs achieves key compliance controls and objectives. The purpose of the report is to help you and your auditors understand the Fund Recs controls established to support operations and compliance. Our SOC 2 Type 2 report is available on demand. 

ISO 27001:2013

Fund Recs is ISO 27001:2013 certified

ISO 27001:2013 (the current version of ISO 27001) provides a set of standardised requirements for an Information Security Management System (ISMS). The standard adopts a process based approach for establishing, implementing, operating, monitoring, maintaining, and improving your ISMS.

Data Encryption

Data Encryption

Data is encrypted in transit and at rest. All data over the web is transmitted via HTTPS, a secure encryption protocol and data is stored in encrypted format using 256-bit Advanced Encryption Standard (AES). All client data is fully segregated on separate database instances.

Enterprise Security

Enterprise Security

Fund Recs incorporates several Enterprise grade security features including:

  • Multi-factor Authentication
  • Single Sign On available (SSO)
Penetration Testing

Penetration Testing

Fund Recs has regular penetration tests carried out by a certified independent vendor.

Security Updates

Morbi sed imperdiet in ipsum, adipiscing elit dui lectus. Tellus id scelerisque est ultricies ultricies

About Amazon Web Services Security & Compliance

About SOC 2 Type 2 Compliance

About ISO 27001 certification

About Multi-factor Authentication

About Single Sign On (SSO)

About Penetration Testing