Security is very important to us here at Canopy. As a result, the Canopy cloud infrastructure has been architected to be very secure. Here is an overview of certain steps we've taken to ensure the security of our users and their data.
- AICPA Compliant.Canopy's data centers have achieved compliance with an extensive list of AICPA security standards, including SOC 1, SOC 2, and SOC 3. In so doing, our datacenter has addressed each of the more than 100 individual controls criteria listed in the SOC 2 Principles and Criteria.
- Protection from Data Loss, Corruption. Account data is mirrored and backed up regularly off site.
- Sophisticated Physical Security. Data centers are staffed 24x7 by trained security guards, and access is limited strictly to technical staff. Electronic security systems control data center access and are accompanied by a full compliment of motion detecting security cameras which monitor the entire facility.
- Browser Security. Our website uses bank-level SSL encryption (128-bit encryption) to secure personal information from our users.
- Full redundancy for all major systems. Our servers — from power supplies to the internet connection to the air purifying systems — operate at full redundancy. Our systems are engineered to stay up even if multiple servers fail.