Blog

Building Trust: 3 Steps We're Taking to Secure Customer Data

Buy ElementBuy Omni

by

Awair

February 11, 2022

Let’s set the scene: You want better insight into the indoor environment so you can stay informed about the health of your building and, more importantly, the health of your employees. You are excited to finally have a continuous, real-time air quality monitoring solution at your fingertips where you can easily track trends over time and make improvements. But, have you considered who has access to this data besides you and how secure your systems are? 

At Awair, we care about your data and people just as much as you do. Building trust with our customers is a principle we live by. This is why we are offering the top of the line enterprise-level security features in 2022. We want you to breathe easy and never worry about potential threats.


1. SOC 2 Type 2

If you’re not familiar with SOC 2 Type 2, this stands for Service Organization Control. It is an internal controls report that details how we safeguard customer data and how those controls are operating. Barr Advisory, an independent third-party auditor, performs the audit annually and has worked with other large-scale tech companies, including SHI, Enseva, and C2FO. These lasting security measures allow us to address questions that may arise during our conversations with IT and Security teams.

2. Security Penetration Test

The abbreviated version of this security initiative is “PenTesting.” We conducted this assessment with an independent third-party company. During this exercise, a cybersecurity expert attempted to find vulnerabilities within our system. The form of ethical hacking allowed us to test the robustness of our security and mitigate any security concerns before releasing to production. 

In addition to the PenTest, we leverage security risk management software to monitor internal operations. We also use a leading security vulnerability scanning tool to automatically scan and notify about potential threats during product development and release. For instance, when a serious internet vulnerability known as Log4j was widely reported in the media, we identified that it did not affect us and passed this information along to our customers so they knew they were not susceptible. Beyond having our own security protocols in place, we want our partners to know how we are responding to popular security issues and challenges.

3. SSO

We leveraged Okta, the leading identity platform trusted by 14,000 global organizations, as our backbone to support Single Sign-On Service. This tool allows our customers’ administrator to invite and grant access to Awair’s app and Awair Dashboard using an identity management method central to their organization. This protocol simplifies the user management and reduces the risk of users having to maintain multiple logins.

Ongoing Focus on Security Enhancements 

The SOC 2 Type 2, Security Penetration Test, and Single Sign-On Service are just a few of the ways we are growing our security program at Awair. Just as we believe in greater visibility of IAQ data, we also believe in transparency of security efforts. We are carrying out regular testing protocols and evaluating customers’ needs. We value your trust and will continue to maintain our SOC 2 Type 2 audits for compliance along with annual PenTesting. 

As your IAQ partner, we will continue to keep your data secure. Reach out to talk with an Account Manager today. We are happy to answer any questions you have about the extra layers of security that we have in place and where we are going in the future.

References: