Arria NLG's Information Security Program
Arria NLG ensures the confidentiality, integrity, and availability of client data through the following security certifications and protocols.
ISO 27001:2013 Certified
Arria NLG holds the ISO/IEC 27001:2013 certification from the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). ISO 27001:2013 is a comprehensive international standard achievable in information security management and validates the security practices we have adopted to ensure the confidentiality, integrity and availability of client data.
The certification demonstrates our ongoing commitment to establishing, implementing, operating, monitoring, reviewing, maintaining, and improving our information security management systems.
Arria has been externally audited by BSI (the most respected and reputable management systems certification body in the world) and has been shown to comply with the highest level of information security standards.
The certification recognizes the robust processes adopted throughout the entire organization, including media asset management, cloud service infrastructure, software development and deployment, security policy, physical and environmental security, business continuity management, and much more.
Contact your Account Manager for more information.
SOC 2 Type 2 Examination
System and Organization Controls (SOC) Reports are independent third-party examination reports that demonstrate how Arria achieves key compliance controls and objectives. The purpose of a SOC 2 report is to help you and your auditors understand the controls Arria has established to support operations and compliance.
Arria has completed a SOC 2 Type 2 examination for the period 1 JAN 2020 to 31 JUL 2020. Arria is committed to continue annual SOC 2 Type 2 examinations to provide transparency and assurance of our operations and compliance activities.
Cloud Platform Built on Amazon AWS
Arria NLG Studio uses modern DevOps and Cloud technologies to provide a secure, scalable and resilient service.
Arria has built NLG Studio using modern and secure software development and deployment techniques such as Kubernetes, auto-scaling and geographically redundant services, modern authentication and much more to provide world-leading NLG technology.
Arria NLG Studio Security
TLS 1.2 HTTPS communication only
Arria Studio uses only HTTPS communication and is set up to enforce TLS 1.2 encryption. There are no proprietary protocols in-use, nor is there any need for file-transfers or manual connections to the system.
Hardened images and virtual infrastructure
Arria’s security team regularly reviews all network and firewall rules as well as ensures the hosted virtual servers are patched and properly hardened (remove unnecessary services and accounts, encrypted virtual hard drives, etc.).
Regular Security Testing
Arria’s security team performs regular vulnerability testing and scanning using recognized tools (Qualys, WhiteHat Security) and actively manages vulnerabilities.
Arria-hosted Private Cloud
Arria Studio hosted by Arria as a Private Cloud deployment (single customer) can be deployed to geographic regions as required by the use case/customer requirements.
Arria NLG is certified by the British Standards Institute (BSI), certificate number IS619151.
Arria SOC2 Type 2 Examination
Arria conducts annual SOC 2 Type 2 examinations to provide continued assurance for operations and compliance activities.
Arria Studio Authentication Integration
Arria Studio, when deployed using Customer Hosted or Arria Hosted Private Cloud options can integrate with customer authentication for centralized user management.
For more information on Arria’s industry leading security certifications and protocols, and how they will meet your specific use case, please contact Arria Support.