Security

End to end security embedded in all workflows

ISO 27001

ISO

SOC2

ISO

GDPR

Level AI satisfies the requirements for GPDR, HIPAA, PCI and ISO 27001 compliance

ISO 27001

ISO

SOC2

ISO

GDPR

Level AI satisfies the requirements for GPDR, HIPAA, PCI and ISO 27001 compliance

ISO 27001

ISO

SOC2

ISO

GDPR

Level AI satisfies the requirements for GPDR, HIPAA, PCI and ISO 27001 compliance

features

Security as a
standard

PII redaction

Level AI prioritizes customer privacy. Sensitive information like name, addresses and credit card numbers are automatically redacted

Penetration testing

We closely work to identify any vulnerabilities using guidelines from the OWASP Application Security Verification standard and ISO27001

Role based access control

We limit access to data by role based access control (RBAC) with audit logs. Access to customer data follows the principle of least privilege.

Data encryption

All customer data is encrypted both at rest and during transit. The data passed between Level and third party applications is always encrypted.

Secure SDLC

Level has policies around secure development lifecycle (SDLC). Code reviews are mandatory, and every developer is required to learn and apply the best security practices.

Secure infrastructure

Our GCP based infrastructure is secured using rigorous vulnerability testing. Access to servers is resources is managed by the principle of least privilege using IAM policies.

PCI Compliance

Level is PCI Compliant -it has met all the criteria for securing and protecting cardholder data and has been audited for it.

FAQ

Have questions?
Find answers

Any more questions?

Contact us

Is Level AI’s data center secure?

Our Infrastructure is hosted on GCP, and we meet the requirements of a number of certifications that ensure the confidentiality, security and integrity of our data.

Does Level AI perform regular penetration tests?

We work closely with security researchers to identify vulnerabilities in our application and infrastructure that attackers could exploit. All the vulnerabilities are resolved by our team.

What are some of the security policies that Level follows:

We maintain security policies that cover the following key areas:

  • Data classification

  • Data retention and disposal

  • Change management

  • Information security

  • Encryption and key management

  • Security Incident Response

Is security a part of onboarding?

All Level employees and contractors receive formal security training as a part of their onboarding, which includes a review of all the Level policies.

How is cloud access managed?

Cloud access is managed using 2FA for accounts. The servers can only be accessed over the VPN. We maintain an extensive audit trail for all key operations.

Who has administrative access to our database?

Only a small number of engineers are permitted to have access to the backend database. This access is managed using IAM policies.

FAQ

Have questions?
Find answers

Is Level AI’s data center secure?

Our Infrastructure is hosted on GCP, and we meet the requirements of a number of certifications that ensure the confidentiality, security and integrity of our data.

Does Level AI perform regular penetration tests?

We work closely with security researchers to identify vulnerabilities in our application and infrastructure that attackers could exploit. All the vulnerabilities are resolved by our team.

What are some of the security policies that Level follows:

We maintain security policies that cover the following key areas:

  • Data classification

  • Data retention and disposal

  • Change management

  • Information security

  • Encryption and key management

  • Security Incident Response

Is security a part of onboarding?

All Level employees and contractors receive formal security training as a part of their onboarding, which includes a review of all the Level policies.

How is cloud access managed?

Cloud access is managed using 2FA for accounts. The servers can only be accessed over the VPN. We maintain an extensive audit trail for all key operations.

Who has administrative access to our database?

Only a small number of engineers are permitted to have access to the backend database. This access is managed using IAM policies.

FAQ

Have questions?
Find answers

Any more questions?

Contact us

Is Level AI’s data center secure?

Our Infrastructure is hosted on GCP, and we meet the requirements of a number of certifications that ensure the confidentiality, security and integrity of our data.

Does Level AI perform regular penetration tests?

We work closely with security researchers to identify vulnerabilities in our application and infrastructure that attackers could exploit. All the vulnerabilities are resolved by our team.

What are some of the security policies that Level follows:

We maintain security policies that cover the following key areas:

  • Data classification

  • Data retention and disposal

  • Change management

  • Information security

  • Encryption and key management

  • Security Incident Response

Is security a part of onboarding?

All Level employees and contractors receive formal security training as a part of their onboarding, which includes a review of all the Level policies.

How is cloud access managed?

Cloud access is managed using 2FA for accounts. The servers can only be accessed over the VPN. We maintain an extensive audit trail for all key operations.

Who has administrative access to our database?

Only a small number of engineers are permitted to have access to the backend database. This access is managed using IAM policies.