How We Protect Your Business

Our customers rely on Aternity data to make critical business decisions. That’s why we continually strive to protect the integrity of your data and ensure that our SaaS exceeds your expectations.

Four Pillars of Trust
Green-Security-1
Security

Aternity SaaS teams leverage tools, technologies, and processes to design, build, deploy, operate, and maintain a strong foundational security platform for our customers.

Green-Gears-1
Privacy

Flexible configuration options to protect the privacy of users whose data is collected. Our agent’s privacy settings and regulatory compliance exceed industry standards.

Green-Actions-10
Compliance

Aternity undergoes rigorous audits by third-party services. Our protocols are transparent, documented, and verified, including SOC2, HIPAA, and GDPR.

Green-Applications-1
Reliability

Aternity SaaS is designed using industry best practices to deliver secure, highly available solutions, 24x7, around the world.

Independently Audited and Certified Compliant

SOC 2 Type 2 Compliant

Our privacy controls are examined at least once a year by a qualified and independent third-party auditor as part of our SOC 2 Type 2 audit. Our SOC 2 has been in place for five years.

Get More Info
General Data Protection Regulation

Aternity currently complies with applicable data protection regulations and GDPR compliance across its relevant services.

Learn More
Health Insurance Portability and Accountability Act

An independent third-party accounting firm has certified that Aternity's control environment satisfies the requirements of the HIPAA Security Rules, and conducts ongoing regulatory compliance audits.

Learn More

Security

We employ a wide range of the latest in security features and safeguards native to our software and part of the operational and technical security fabric used to maintain visibility and control of our SaaS environment.

Architectural and technical controls

The security function leverages an array of layered operational and architectural controls designed to further secure our customer environments.

Incident response

Our security operations team acts quickly to remediate security issues when they are detected.

Secure development lifecycle

Our design approach embeds security and privacy into software development processes, from threat modeling to secure design reviews.

Vulnerability management

We use a variety of automated and manual methods to regularly inspect our code and monitor our infrastructure to identify and remediate vulnerabilities.

Testing and verification

A dedicated team regularly reviews our SaaS service components for security capabilities, and ensures we have the correct people, processes, and technical controls to protect customer data.

Single Sign-on (SSO)

Aternity console access is protected via your own SSO/SAML 2.0 identity provider of choice, with two factor authentication, if enabled.

Agent security

Aternity’s data collection agent is digitally signed to prevent tempering and include several anti-hack security measures, including ASLR, DEP, and SEH.

IP filtering

Aternity allows you to define IP filtering to limit access only to approved offices or networks.

Privacy

Flexible configuration options to protect the privacy of collected user data. You can exclude certain application data, encrypt PII fields, and set permissions for who can view PII. All data is encrypted in transit and at rest.

Privacy policies

Our privacy policy reflects our commitment to protecting personal data. It provides details on the type of personal information we collect, how we store it, how we use it, and what rights individuals have and how to exercise them.

Read our Policy
GDPR

The GDPR reinforces existing data protection principles in the European Union (EU) and expands legal protections and privacy rights for EU citizens. See how Aternity supports our customers GDPR compliance

More about GDPR
International Transfers of EU Personal Data

This document provides information about the data transfer mechanisms used by Aternity to transfer personal data out of the EU in light of the July 16, 2020 decision of the European Court of Justice (“ECJ”).

Read More
Sub-processors

We perform due diligence reviews to assess the privacy and security practices of our sub processors, who are required to enter into appropriate security, confidentiality and privacy contract terms based on the risks presented by the assessment, including data processing terms as required by applicable law.

Learn More
Privacy data profile & data maps

In addition to performance measurements like wait times, response times, or resource consumption, Aternity also collects descriptive attributes, which add context to the performance measurements to
help troubleshoot problems, e.g., device name, user name, location name, application name.

Learn More

Compliance

Aternity undergoes rigorous audits by third-party services—our protocols are transparent, documented, and verified, including SOC2, HIPAA, and GDPR.

SOC 2

Aternity’s privacy controls are examined at least once a year by a qualified and independent third-party auditor as part of our SOC 2 Type 2 audit. Our SOC 2 has been in place for five years and covers security, availability, confidentiality, and privacy.

Get report
HIPAA security rules

Aternity's control environment is examined at least once a year by a qualified and independent third-party auditor who has found that Aternity satisfies the requirements of the Health Information Insurance Portability and Accountability Act (HIPAA) Security Rules.

Penetration test

We engage an independent third-party auditor to conduct penetration tests of Aternity SaaS and its APIs at least once a year.

Get report
Cloud Security Alliance CAIQ

Aternity has documented and published our security controls in the Cloud Security Alliance (CSA) Consensus Initiative Assessment Questionnaire (CAIQ). This documents our commitment to the key principles of cloud security – transparency, rigorous auditing, and adherence to standards with continuous monitoring.

Reliability

Aternity SaaS is designed using industry best practices to deliver secure, highly available solutions, 24x7, around the world.

SLA overview

Aternity’s SLA covers our service commitments, credits, and associated processes.

Read our SLA
Architecture overview

We implement multiple layers of redundancy to ensure that the SaaS environment is available 24x7.

See architecture article
Disaster recovery and business continuity overview

Our built-in processes and workflows back up data for fast recovery times in the unlikely event of a local outage. We maintain comprehensive Disaster Recovery sites in different availability zones for each data center in North America, Europe, and Asia. We test our Disaster Recovery procedures monthly for each environment.

Proven track record

Aternity has maintained monthly availability of over 99.95% for the last 5 years of SaaS operation.

Confidentiality Notice and Confidentiality Terms

The confidential information of Aternity LLC (“Aternity”) available at www.aternity.com/trust-center (“Aternity Confidential Information”) is subject to the terms of the applicable agreement between you and Aternity. If you are not a party to an agreement with confidentiality provisions applicable to the Aternity Confidential Information, the terms set forth in the following paragraph are the confidentiality provisions applicable to your access to, and use of, the Aternity Confidential Information.

These terms constitute a legally binding agreement between you and Aternity. Please read them carefully. By accessing or viewing the Aternity Confidential Information, you agree to these terms on your behalf or on behalf of the entity with which you are employed, affiliated or associated. You represent that you have the authority to bind the entity to these terms. If you do not have such authority or are not willing to be bound by these terms, do not view or access the Aternity Confidential Information. By accessing or viewing the Aternity Confidential Information you acknowledge and agree that these files are the confidential information and trade secrets of Aternity. You will use the same degree of care that you use to protect the confidentiality and trade secret status of the Aternity Confidential Information as you do to protect your own confidential information of like kind (but not less than reasonable care) and you will not use the Aternity Confidential Information for any purpose other than to use Aternity’s products and services or evaluate the purchase of Aternity’s products and services. Except as otherwise authorized by Aternity in writing, you will to limit access to the Aternity Confidential Information to those who need that access for these purposes and who have executed confidentiality agreements with you containing protections no less stringent than those in these terms. You will not disclose Aternity Confidential Information to any third party other than your affiliates or your respective directors, officers, employees, agents and advisors (including, but not limited to, attorneys, accountants and third party consultants) (collectively, “Representatives”) without Aternity’s prior written consent and you will remain responsible for your affiliate’s and Representative’s compliance with this paragraph. You may make disclosures required by law or court order provided you use diligent reasonable efforts to limit disclosure and to obtain confidential treatment or a protective order and have allowed Aternity to participate in the proceeding. These terms do not apply to any information that: (i) is or becomes generally known to the public without breach of any obligation owed to Aternity, (ii) was known to you prior to its disclosure by Aternity without breach of any obligation owed to Aternity, (iii) is rightfully disclosed to you by a third party without restriction, or (iv) was independently developed by you. You agree that any Aternity Confidential Information is provided “as is” without any warranties and shall not be relied upon for purchase of product or services.

Cta Ipad
Aternity, End User Experience Monitoring, Digital Experience Monitoring, Click to Render

Ready to try Aternity?