COMMUNICATE IN CONFIDENCE WITH ENTERPRISE-GRADE SECURITY

We start and end with security, in every aspect of our product.

Traffyk.ai is a data, analytics and AI platform, focusing on work communications.

We use data from an organisation’s SaaS platforms – Microsoft365, Slack, Google Workspace and others – to understand communication performance from both employee and leadership perspectives.

We do not collect Personally Identifiable Information (PII).

Our founders worked for many years at senior levels in large enterprise, so this focus comes naturally. They worked hand in hand with technology, cyber security and architecture resources to build technology plaforms from scratch.

Bringing all this experience to bear, and because of the data we use, Traffyk.ai is designed and built from the ground up with secure principles, standards, governance and regulatory compliance as the number one product principal.

ISO27001 On track for certification: July 2024

Backed by Mandiant
Expert global cyber defence solutions

ACSC ESSENTIAL 8
Currently Implementing

GDPR Compliance Coming Soon

SOC2 Certification
coming soon

Traffyk uses the Vanta platform

Secure and Compliant. Designed and Built.

At Traffyk.ai. we believe that compliance with ISO27001, Essential 8, GDPR, and SOC2 is just the beginning. We foster a culture of security and privacy that permeates every level of our organisation. 

To ensure our commitments are more than just words: 

  • We conduct regular audits of our processes and systems with real-time testing and controls via the Vanta compliance platform.

  • Our employees receive regular training on the latest in data protection practices and are encouraged to take a proactive stance on information security.

  • We regularly employ external experts to provide the latest updates, trends and best practices in the infosec space.

These steps not only help us maintain our compliance with international standards but also identifies opportunities for improvement, ensuring that our security measures are always meet or exceed the requirements our customers have.

In addition, our team at Traffyk adheres to broader industry best-practices with software development processes, including extensive testing across our application and infrastructure, plus automated testing with every deploy. 

Secure data

All data is secured and encrypted in transit and at rest.

Automated backups

All production information is continuously backed up to encrypted storage on AWS. 

Internal security best-practices

All employees undergo regular security awareness training, and use centrally managed, fully encrypted devices.

Secure coding principles

All changes to our production code require peer review before being merged. Code changes must pass comprehensive automated testing, vulnerability scanning, and dependency scanning.

Proactive vulnerability alerts

Security and vulnerability issues in production environments and software dependencies are proactively alerted upon and addressed as soon as possible.

Environment access control

All team members are required to use SSO and multi-factor authentication (MFA) including hardware keys for development teams and environments.

Production environments and data are segregated from those of development. 

Production customer data is not utilised on staging and testing environments.

More on Traffyk security

Contact us to learn more about our security and governance practices. Fill in the form and we’ll be in touch.