PortfolioAid takes great responsibility when it comes to the security posture of its platform and overall operational processes. Below we reference just a few artifacts which are produced at least once annually and made available to our clients, which demonstrate our diligence and commitment when it comes to security. You have entrusted us with your confidential information and we commit our efforts to maintaining that trust.
Third-Party Application Security Scanning & Penetration Tests
PA360 is tested at least once annually by an independent 3rd party expert in application vulnerability and penetration testing to ensure it meets the highest standard of security and is safeguarded against known vulnerabilities.
Third-Party SOC 2 Type II Service Audit
PortfolioAid undergoes an annual SOC 2 Type II audit to assess the design and effectiveness of internal operational and information risk controls as it relates to the hosted PA360 application. This audit is conducted against the principles of security, availability, confidentiality, and processing integrity.
Tested Disaster Recovery Plans
The disaster recovery plan for PA360 production environments includes a data center in a secondary geographic site with separate power, networking and connectivity. This allows for the hosted production environment to be recoverable within a suitable time even in disaster scenarios. Recovery plans for production PA360 are tested on an annual to ensure they are up to date and effectively meeting documented targets.
Please contact us at info@portfolioaid.com for more information on PortfolioAid’s security practices and protocols and/or if you would like to request a copy of any of the above artifacts. Please note there may be some restrictions in regards to providing these artifacts as they are not intended for public distribution.