Our Commitment to Information Security
Updated May 7th, 2025.
A. Our Commitment to Information Security
At Cerulean AI, we understand that the security and privacy of your data are paramount. Earning and maintaining your trust is fundamental to our business. We are deeply committed to implementing and upholding robust security practices to protect the confidentiality, integrity, and availability of the information you entrust to our platform. We recognize that strong security is not just a feature, but a prerequisite for building lasting partnerships.
B. Key Security Practices and Measures
We are committed to maintaining comprehensive security measures in both our technology and operations. To achieve this, we adhere to internationally recognized standards, including SOC 2 and ISO 27001. These standards and practices include:
Secure Infrastructure: We leverage the robust security of leading cloud infrastructure providers (AWS) and implement network security controls, including firewalls and intrusion detection systems, to safeguard our systems from unauthorized access.
Data Protection: We prioritize the protection of your data by using strong encryption for sensitive customer data, both in transit and at rest. Additionally, we maintain strict data handling, classification, and retention policies.
Data Isolation: Our robust multi-tenancy architecture ensures data separation, isolating each customer's data to maintain privacy and prevent unauthorized access.
Secure Development: Security is integrated into our software development lifecycle through secure coding practices, code reviews, and security testing. This helps identify and address vulnerabilities before they reach production.
Access Control: We implement strict access controls based on the principle of least privilege, ensuring that only authorized personnel can access sensitive systems and data. This will include multi-factor authentication (MFA) for critical access points and regular reviews of user permissions.
Operational Security: We maintain formal processes for security operations, including ongoing vulnerability management, incident response planning, and disaster recovery and business continuity planning.
Employee Awareness: We conduct security awareness training for all employees, emphasizing their role in protecting customer data.
C. Roadmap Towards Certification
We believe in independent validation of our security posture. Cerulean AI is actively preparing its systems, controls, and processes to undergo formal audits for both SOC 2 Type 2 and ISO 27001 certifications. Achieving these internationally recognized standards is a key strategic objective for our company. We are working diligently to complete these certification processes as a demonstration of our enduring commitment to security excellence.
D. Managing Expectations & Contact Information
While we are progressing diligently on our path towards formal certification, please be assured that information security is already a core principle embedded in our culture and operations. We are committed to maintaining transparency with our customers regarding our security practices and continuous improvement efforts.
If you have further questions about our security program or planned initiatives, please do not hesitate to contact hello@joincerulean.com.
(Disclaimer: This overview describes current and planned security practices and future intentions. It does not imply current SOC 2 or ISO 27001 certification.)