Security
We at Penny AI Technologies Inc. (“Penny” or “we“) have followed industry standard security practices throughout the process of building the Penny product.
Some of these practices include:
- End to end encryption of all data transmitted (SSL)
- Separation of machines housing critical data from machines running front end applications
- Strict access controls to each data piece defined by both Penny and the client
- An audit system which records each transaction built into the core of the product
- Physical restriction to machines is only allowed by authorized vendor, not even Penny employees can physically access them
- Code deployment which keeps all software up to date with the latest security patches
- Data is encrypted at rest using industry standard AES-256 encryption algorithm
- Penny relies heavily on Amazon Web Services (http://aws.amazon.com) for most of our infrastructure. Other companies which utilize this infrastructure include FDA, Netflix, Adobe, Suncorp, Dow Jones.
We rely on a Software as a Service (SaaS) model. This means we have one centralized location for our application and can keep critical applications up to date with the latest security measures, greatly reducing the amount of time required to deploy security patches (compare to traditional on-premise solutions).
How to Contact Us
If you have questions about our security policies, please contact us via e-mail at privacy@pennyapp.com with “SECURITY POLICY” in the subject line.