Ideal
Your data privacy is a top priority.
Our security practices meet or exceed all compliance and industry standards. With Ideal you can focus on building incredible teams without worrying about your data.
ComplianceIdeal services are hosted on secure and compliant platforms to ensure your data is safe. Ideal services are hosted on the Amazon AWS platform. Amazon is the industry leader and they have made significant investments that continue to guarantee the security that we require for our customers. AWS is SOC2 Type 1 certified. Upon request, Ideal can provide an SSAE16 SOC2 report and attestations of compliance.
Physical SecurityIdeal data centers (managed by Amazon AWS) leverage advanced architectural and engineering approaches to operating large-scale data centers. AWS data centers are housed in nondescript facilities and the physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff. AWS only provides data center access and information to employees and contractors who have a legitimate business need for such privileges.
Vulnerability TestingIdeal’s web application security is evaluated by the development team in sync with the application release cycle. Vulnerability testing includes the use of commonly known web application security toolkits and scanners. We ensure we identify application vulnerabilities before they are released into production. We also conduct regular penetration testing of our systems using third party cybersecurity companies to ensure adherence to the highest safety standards.
Data StorageIdeal stores document data (activity, original files, customers and candidate data) in multiple locations. All data in each location is encrypted at rest with AES-256 and sophisticated encryption keys management. Submit a Data Privacy Request.
System Monitoring & AlertingAt Ideal, the production application and underlying infrastructure components are monitored by dedicated monitoring systems 24/7, 365 days a year. Critical alerts generated by these systems are sent to on-call DevOps team members and escalated appropriately to operations management.
Employee AccessIdeal follows the principle of least privilege in how we write software, as well as the level of access employees, are instructed to use in diagnosing and resolving problems in our software and responding to customer support requests.
Servers & NetworkingAll servers that run Ideal software in production are continuously patched Linux systems. Additional hosted services that we utilize, such as Amazon RDS, S3 and others, are comprehensively hardened AWS infrastructure-as-a-service (IaaS) platforms.
Customer Payment InformationIdeal does not store any credit card information and uses external secure payment processing (Level 1 PCI).
Coding & Testing PracticesIdeal applies industry standard programming techniques such as having documented development and quality assurance processes to ensure that the applications meet or exceed security standards. Ideal also commits to following guidelines such as the OWASP report.
Service Levels & BackupsIdeal infrastructure utilizes multiple layered techniques for increasingly reliable uptime, including the use of auto-scaling, load balancing, task queues and rolling deployments. We do full daily automated, encrypted backups of our databases. Furthermore, backups are off-site, encrypted and stored in multiple locations.
Isolated EnvironmentsIdeal’s production network segments are logically isolated from other Corporate, QA, and Development segments.
Leverage Ideal's artificial intelligence to automate your time-consuming recruiting tasks and optimize your hiring.