Platform – Security Data Protection and Information Security

HAWK:AI has an extraordinary responsibility for our client’s data and the flawless, reliable operation of the critical service we provide to them. It’s a matter of Trust, our client’s Trust.

This starts with hiring people with a security mindset and includes background checks, regular trainings of all employees, and constant reminders of security threats. Security is at the forefront of our daily work.

In line with ISO 27001 requirements, we maintain an Information Security Management System (ISMS) to proactively manage risks and review our controls via internal and external audits.

We constantly challenge ourselves to get better, this includes testing our security regularly with vulnerability scans, penetration testing and testing the implementation of all internal policies.

Security is embedded in all stages of software development, including four-eye review of every piece of code and code change, OWASP Training, automated security tests, Code scanning, end2end tests and more. We apply these practices to all our code - from Backend, Frontend and Data Science to our Infrastructure Code.

Our 24/7 monitoring provides extensive coverage of our cloud services from component and hardware level through to code. The monitoring and alerting are focused on both availability and security aspects and enable prompt responses by our on-duty team experts who have the authority to act.

We apply state-of-the art technology to detect and alert us to intrusions or abnormal, potentially malicious, behavior on our environments.

We have established comprehensive Identity and Access Management Policies. Our Access Management policies follows the “principle of least privilege.” Our primary method of assigning and maintaining consistent access controls and access rights is through the implementation of Role-Based Access Control (RBAC). Including but not limited to Multifactor Authentication (MFA), system access protected via VPNs, strict password policy, and Single-Sign-On (SSO).

Per our application design, all GDPR relevant Personal identifiable information (PII) data gets tokenized, stored separately, and encrypted from the rest of the data. Through this separation the PII data elements do not allow for the tracing/matching to an individual. Access to the data, which is needed for case investigation, is secured with a roles and rights system, gets logged with an audit trail, and can only be seen on individual case basis and never through any mass action.

HAWK:AI follows industry best practices and is GDPR and ISO  27001 certified.

Download the ISO certificate here.

Download the GDPR certificate here.

All data is encrypted in transit and at rest. We use AES on all information systems to ensure the highest standard of encryption. We have deployed HashiCorp Vault to store secrets and manage key rotation.

Our systems are protected by sensitive Web Application Firewalls (WAF), allowing for finer management of incoming and outgoing traffic.