We take data security very seriously

EverAfter is committed to the security of our customers and their data. As a cloud-based company entrusted with some of our customers’ most valuable data, we are focused on keeping you and your data safe. EverAfter undergoes periodic penetration testing, and encrypts data at rest and in-transit. Our customers entrust sensitive data to our care. Keeping customer data safe is our priority.

EverAfter uses Amazon Web Services (AWS) for secure and resilient hosting of staging and production environments.  We use multiple availability zones to store customer data redundantly. AWS data centers are monitored by 24×7 security, biometric scanning, and video surveillance and are continuously certified across a variety of global security and compliance frameworks.

EverAfter uses internal services requiring TLS for network access and authenticates users through a central identity provider and two-factor authentication whenever possible. All employees are required to participate in security and privacy awareness training, which weaves security into technical and non-technical roles.

Our SOC 2 Type 2 report attests to the security controls we have in place as they map to Trust Service Principles established by the American Institute of Certified Public Accountants (AICPA).