Many EHS software vendors say that their solutions are designed and tested to ensure the security and privacy of your data, but at VelocityEHS, our commitment to protecting your data is more than just talk. For example, we are one of the only providers to provide SOC 2 Type II-compliant controls across our entire solution stack.
Site & Data Security
SOC 2 Compliant
Since 2011, the VelocityEHS Platform has been annually certified by third-party audit firm Auditwerx for compliance with AICPA SOC 2 Type II standards (formerly SAS 70). Adherence to SOC 2 also ensures close alignment with a wide range of national and international data protection requirements, including PIPEDA, ISO 27001, HIPAA, CSAE 3416 Type 2, ISAE 3402 Type 2, EU-GDPR, Privacy Shield, and similar Safe Harbor principles. Learn more
Our Infrastructure is designed for 24/7 operation, with built-in redundancy at every point of our SaaS solution. Climate controlled data centers, redundant storage and flash arrays, load-balanced web applications, robust database platforms, and redundant hardware are among the many highlights.
VelocityEHS leverages strong encryption to protect your data, supporting the highest Transport Layer Security, ensuring all data transmitted between your web browser and our servers remain private and integral.
Data Protection and Backup
All customer data is continuously backed up and stored at a secure off-site facility.
Our secure hosting facility is equipped with state-of-the-art security features, including 24-hour staffing, photo identification systems, and biometric identification devices.
A valid username and password are required to access all elements of the VelocityEHS SaaS platform. All transactions are authenticated.
Operating System Security
VelocityEHS enforces tight operating system-level security by using a minimal number of access points to all production servers. We protect all system accounts with passwords and follow best practices for regularly modifying them. All servers are regularly patched with the latest security patches and updates.
Our Infrastructure is continuously monitored for attempted network attacks on a 24/7 basis, employing a suite of dynamically-updated leading-edge Firewalls and software tooling including Anti DDOS, Antivirus / Malware Inspection, and Intrusion Detection Systems/Intrusion Prevention Systems (IDS/IPS).