Security & Trust

Built To Trust

Autonix is a US-based entity with data hosted on AWS. We pride ourselves on the measures we have put in place to keep our client data safe and secure. Do not hesitate to reach out to the team with any questions or concerns.

Dont hesitate to contact us with any questions: [email protected]

Infrastructure security
Control Status
Intrusion detection system utilized
Autonix uses an intrusion detection system to provide continuous monitoring of Autonix's network and early detection of potential security breaches.
Remote access encrypted enforced
Autonix's production systems can only be remotely accessed by authorized employees via an approved encrypted connection.
Encryption key access restricted
Autonix restricts privileged access to encryption keys to authorized users with a business need.
Production data segmented
Autonix prohibits confidential or sensitive customer data, by policy, from being used or stored in non-production systems/environments.
Log management utilized
Autonix utilizes a log management tool to identify events that may have a potential impact on Autonix's ability to achieve its security objectives.
Unique network system authentication enforced
Autonix requires authentication to the "production network" to use unique usernames and passwords or authorized Secure Socket Shell (SSH) keys.
Firewall access restricted
Autonix restricts privileged access to the firewall to authorized users with a business need.
Organizational security
Control Status
Anti-malware technology utilized
Autonix deploys anti-malware technology to environments commonly susceptible to malicious attacks and configures this to be updated routinely, logged, and installed on all relevant systems.
Password policy enforced
Autonix requires passwords for in-scope system components to be configured according to Autonix's policy.
Confidentiality Agreement acknowledged by contractors
Autonix requires contractors to sign a confidentiality agreement at the time of engagement.
Production inventory maintained
Autonix maintains a formal inventory of production system assets.
Product security
Control Status
Data encryption utilized
Autonix's datastores housing sensitive customer data are encrypted at rest.
System activity logged
Autonix captures system activity, including user activity, in transaction logs.
Vulnerability and system monitoring procedures established
Autonix's formal policies outline the requirements for the following functions related to IT / Engineering: vulnerability management, system monitoring.
Internal security procedures
Control Status
Incident response policies established
Autonix has security and privacy incident response policies and procedures that are documented and communicated to authorized users.
Management roles and responsibilities defined
Autonix management has established defined roles and responsibilities to oversee the design and implementation of information security controls.
Security policies established and reviewed
Autonix's information security policies and procedures are documented and reviewed at least annually.
Data center access reviewed
Autonix reviews access to the data centers at least annually.
Physical access processes established
Autonix has processes in place for granting, changing, and terminating physical access to company data centers based on an authorization from control owners.
Incident management procedures followed
Autonix's security and privacy incidents are logged, tracked, resolved, and communicated to affected or relevant parties by management according to Autonix's security incident response policy and procedures.
Development lifecycle established
Autonix has a formal systems development life cycle (SDLC) methodology in place that governs the development, acquisition, implementation, changes (including emergency changes), and maintenance of information systems and related technology requirements.
Continuity and Disaster Recovery plans established
Autonix has Business Continuity and Disaster Recovery Plans in place that outline communication plans in order to maintain information security continuity in the event of the unavailability of key personnel.
Data and Privacy
Control Status
Privacy policy established
Autonix has a privacy policy is in place that documents and clearly communicates to individuals the extent of personal information collected, Autonix's obligations, the individual's rights to access, update, or erase their personal information, and an up-to-date point of contact where individuals can direct their questions, requests or concerns.
Customer data deleted upon leave
Autonix purges or removes customer data containing confidential information from the application environment, in accordance with best practices, when customers leave the service.
Data retention procedures established
Autonix has formal retention and disposal procedures in place to guide the secure retention and disposal of company and customer data.
Privacy compliant procedures established
Autonix has documented processes and procedures in place to ensure that any privacy-related complaints are addressed, and the resolution is documented in Autonix's designated tracking system and communicated to the individual.
Customer data retained
Autonix retains customer transaction data for the life of a customer account. No historic transaction data is purged until the customer account is deleted.
Privacy policy available
Autonix has a privacy policy available to customers, employees, and/or relevant third parties who need them before and/or at the time information is collected from the individual.
Privacy policy reviewed
Autonix reviews the privacy policy as needed or when changes occur and updates it accordingly to ensure it is consistent with the applicable laws, regulations, and appropriate standards.
Privacy policy maintained
Autonix has established a privacy policy that uses plain and simple language, is clearly dated, and provides information related to Autonix's practices and purposes for collecting, processing, handling, and disclosing personal information.
Data classification policy established
Autonix has a data classification policy in place to help ensure that confidential data is properly secured and restricted to authorized personnel.

Interested in joining our team?

Hit us up and we'll get in touch with you.