We Take Security
& Privacy Seriously.
Sonar understands how critical security and compliance is when dealing with your most valuable business system. That’s why we work with best-in-class providers and adhere to the outlined policies and procedures below to ensure that your data is secure.
How we store, process and secure your data.
Sonar utilizes the Salesforce Metadata API in order to create our Salesforce blueprint. As a read-only application, no record-level business data, including PII and PHI, is accessed or processed by Sonar.
Components of the Sonar platform are SOC 2 Type 2 compliant. Sonar undergoes a SOC 2 Type 2 examination of our security controls against the AICPA defined standards.
Sonar is compliant with GDPR, CCPA, PCI and HIPAA. We are committed to ensuring ongoing compliance under ongoing and new requirements outlined under these frameworks.
All network traffic runs over SSL/HTTPS. Transport Layer Security (TLS v1.2) encryption ensures the highest level of security for your data.
Production data is only stored in production environments. Full copies of the production database are taken daily and tested frequently.
Sonar regularly performs security tests to identify and remediate potential vulnerabilities.
Sonar is hosted at Amazon data centers, running on Amazon Web Service and Google Cloud Platform technology.