Committed to security every step of the way
Faraday understands that you are entrusting your most valuable business data to us. We adhere to the highest security standards to keep your data secure at all times.
PROVEN TRACK RECORD
Faraday has been in business since 2012 and has safely handled the data of hundreds of major US brands with zero known security breaches.
Faraday is SOC 2 Type 2 audited by Wipfli, LLP.
Faraday has a NIST 800-53 SP Risk Management Program in place.
THIRD PARTY VERIFICATION
Faraday has an active bug bounty program with HackerOne. Faraday continuously scans all services with Detectify for OWASP Top 10 and other vulnerabilities.
Faraday’s leadership team has extensive experience with secure technology. They previously built secure services for the financial industry, working with MasterCard, VISA, and Bank of America.
All of Faraday’s employees are regularly trained in both human and technical security matters, including anti-phishing.
Faraday is HIPAA compliant and will sign HIPAA Business Associate Agreements (BAAs).
Faraday is CCPA compliant and will accept do-not-sell, data access, and data deletion requests. We will sign CCPA data processing addendums (DPA).
Faraday is GDPR compliant and will sign GDPR data processing addendums (DPA). We do not process European data, but instead immediately delete it once it has been detected.
Faraday encrypts data at rest and in transit. We are hosted on Amazon Web Services and Google Cloud Platform, who handle all physical security.
POLICY AND PROCEDURES
Faraday has documented security policies and procedures that are available upon request.