Built Secure from the Start
Our customers rely on Addigy to manage and secure devices and the data inside them. To protect our customer’s environments, Addigy utilizes the best infrastructure, protected by top Security experts.
If you are interested in our GDPR Data Protection Agreement, please click here.
Compliance & Certifications
The Addigy MSA and DPA are supported by the people, processes, and technology necessary for the protection of customer personal data in compliance with legal and contractual obligations for regulations such as GDPR. The key activities implemented for privacy regulations are listed below.
- Provided awareness sessions with customer-facing staff on their roles and responsibilities for compliance
- Updated company-wide security awareness materials to include new customer personal data protection and privacy practices
- Established and assigned data protection roles and responsibilities
- Established firstname.lastname@example.org for data subjects to submit requests
- Established and maintained registers of customer personal data collection and processing activities
- Completed privacy risk assessment to support customer data protection impact assessments
- Implemented SOC 2 controls to support processing activities for protection of customer personal data
- Established Data Processing Agreement
- Provided MSA and DPA upon request from email@example.com to support customer compliance
- What personal data is processed by Addigy? Addigy processes the following types of personal data:
- Addigy Agent Data (Device Information such as MAC Address, Device Name, IP address).
- User information (IP address, user activity, helpdesk tickets, satisfaction data)
- More information is available here.
- What categories of individuals (e.g. data subjects) does the personal data come from?
- Addigy processes limited personal data from Customer Addigy Devices and Environments to provide basic functionality of the product.
- Where does Addigy store customer personal data?
- All customer personal data is stored by Addigy on Amazon Web Services (AWS) and Google Cloud Platform (GCP) using data centers located in the United States of America. Addigy maintains Privacy Shield certifications to provide an adequate level of protection for data transfers from the EU.
- If you have any questions, please contact your Account Executive, Customer Success Manager, or email firstname.lastname@example.org.
- How do I obtain a Data Processing Addendum?
- Do you have additional GDPR information?
- Yes, find more information here.
The Addigy’s security model is an end-to-end process, spanning application, authentication, and storage, the services that power our software.
- Users passwords are encrypted with the strongest encryption methods available.
- Addigy supports and includes as part of the Addigy Service multiple Multi-factor Authentication methods, SAML 2.0 Support, and OAuth 2.0 Support for enhanced user security.
- Role-Based Privileges enable admins to limit the permissions of some users within a team, including Help Desk, HR, or Security.
- Privileges are built on a multi-tiered and multi-tenant system and include functionality to limit users to create, read, edit, or delete actions across the application.
- Addigy logs the relevant activity into a system that is immutable, time synced, and accessible by account admins. Event logs are fully exportable via API or can easily be searched through via the application.
- The event logs contain: Addigy user activities, the application affected by event, status of event (success/failed), event type, timestamp, and a brief description.
Secure Internet Connectivity (HTTPS)
- All of the Addigy application’s externally-facing services use HTTPS to ensure encryption in transit of all customer information.
- The Addigy application uses Transport Layer Security (TLS) version 1.2 or higher to protect HTTPS communications.
Addigy is built and hosted on Amazon Web Services (AWS) and Google Cloud Platform (GCP) platform along with Stripe. For more information regarding AWS and GCP Security, please view Amazon and Google’s own Security and Privacy Documentation:
- A dedicated security team, including a senior officer in the company, is chartered with ensuring the security, confidentiality, and integrity of company and customer data. Our security team performs engineering tests and educational campaigns to mitigate attacks and develop a security mindset as part of the culture of the company.
- We actively reduce the attack surface by limiting the number of personnel with access to production, auto locking employees computers after a short period of inactivity, and utilizing commercial tools to provide a multi-layered defense.
Securing your Addigy-managed Devices
We take the security of your Apple devices very seriously, and there are several tools available in Addigy to help you do just that. Here are just a few, and of course all of these can be configured at the policy level to help make sure you haven’t left any devices out.
Enable a firewall on any machine in your portfolio, or add it to a policy to enable on a large group of machines with a few mouse clicks.
Protect your network and your end-users’ data from phishing and other malware sites.
Enable and manage a remote Mac's FileVault with Addigy’s FileVault-Manager tool. Even pushing FileVault keys up from the device to the Addigy account.
Ensure that all of your Macs can only install apps from the Mac App Store or from certified developers.
Enforce light or strict password policies easily, including password complexity, length, expiration, and lockout techniques.
Our one-click-install catalog includes industry-leading security apps, like WebRoot, AntiMalware, and MBBR by MalwareBytes. Add them to all your policies to maintain a solid baseline of security.
Manage settings to require password immediately after screensaver is initiated.
Our team is available to immediately respond to any malicious attacks on our platform to protect our customers’ data.