Security

Your data privacy is a top priority.
Our security practices meet or exceed all compliance and industry standards. With Ideal you can focus on building incredible teams without worrying about your data.

Request a Demo

Compliance

Ideal services are hosted on secure and compliant platforms to ensure your data is safe. Ideal services are hosted on the Amazon AWS platform. Amazon is the industry leader and they have made significant investments that continue to guarantee the security that we require for our customers. AWS is SOC2 Type 1 certified. Upon request, Ideal can provide an SSAE16 SOC2 report and attestations of compliance.

Learn More

Physical Security

Ideal data centers (managed by Amazon AWS) leverage advanced architectural and engineering approaches to operating large-scale data centers. AWS data centers are housed in nondescript facilities and the physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff. AWS only provides data center access and information to employees and contractors who have a legitimate business need for such privileges.

Learn More

Software security

Vulnerability Testing

Ideal’s web application security is evaluated by the development team in sync with the application release cycle. Vulnerability testing includes the use of commonly known web application security toolkits and scanners. We ensure we identify application vulnerabilities before they are released into production.

Data Storage

Ideal stores document data (activity, original files, customers and candidate data) in multiple locations. All data in each location is encrypted at rest with AES-256 and sophisticated encryption keys management.

System Monitoring & Alerting

At Ideal, the production application and underlying infrastructure components are monitored by dedicated monitoring systems 24/7, 365 days a year. Critical alerts generated by these systems are sent to on-call DevOps team members and escalated appropriately to operations management.

Employee Access

Ideal follows the principle of least privilege in how we write software, as well as the level of access employees, are instructed to use in diagnosing and resolving problems in our software and responding to customer support requests.

Servers & Networking

All servers that run Ideal software in production are continuously patched Linux systems. Additional hosted services that we utilize, such as Amazon RDS, S3 and others, are comprehensively hardened AWS infrastructure-as-a-service (IaaS) platforms.

Customer Payment Information

Ideal does not store any credit card information and uses external secure payment processing (Level 1 PCI).

Coding & Testing Practices

Ideal applies industry standard programming techniques such as having documented development and quality assurance processes to ensure that the applications meet or exceed security standards. Ideal also commits to following guidelines such as the OWASP report.

Service Levels & Backups

Ideal infrastructure utilizes multiple layered techniques for increasingly reliable uptime, including the use of auto-scaling, load balancing, task queues and rolling deployments. We do full daily automated, encrypted backups of our databases. Furthermore, backups are off-site, encrypted and stored in multiple locations.

Isolated Environments

Ideal’s production network segments are logically isolated from other Corporate, QA, and Development segments.

Leverage Ideal's artificial intelligence to automate your time-consuming recruiting tasks and optimize your hiring.