Assembled partners with one of the largest independent auditing firms in the country, The Cadence Group. They have confirmed that Assembled meets the requirements set forth in TSP section 100, 2017 Trust Services Criteria for Security, Availability, Processing Integrity and Confidentiality.
The Secure Sockets Layer (SSL) is a standard for encrypted network communication. An A+ server rating means that our protocol support, key exchange and cipher strength are operating at a high level.
The General Data Protection Regulation (GDPR) is a privacy regulation in the European Union (EU), which calls for increased data privacy for individuals.
Assembled encrypts data at rest using the industry standard AES-256 and data in transit using SSL/TLS.
Access to customer data is limited to authorized employees who require it for their job, and data access is logged and audited.
Assembled engages industry-leading firms to perform annual tests, using a mix of dynamic fault injection and in-depth study of source code.
Assembled rapidly investigates and responds to all reported security issues. Issues can be reported via firstname.lastname@example.org.
All employees complete an annual security training and employ best practices when handling customer data.
Assembled utilizes a variety of manual and automatic data security and vulnerability checks throughout the software development lifecycle.