Security
Security Built For Your Industry
OUR certifications
.webp)
Three Pillars of Trust
Infrastructure
Hardened Amazon Web Services (AWS) Infrastructure
Glia is exclusively hosted on Amazon Web Service (AWS). Glia inherits the control environment AWS maintains and demonstrates via SSAE-16 SOC 1, 2 & 3, ISO/IEC 27001, FedRAMP/FISMA reports and additional certifications. We’ve also deployed a 24/7 intrusion detection system that sits on top of AWS with daily manual log reviews. All data is encrypted both in transit and at rest.
Application
SDLC Practices With Security at the Core
Glia follows a Test-Driven Development (TDD) software development process including both multi-party manual and automated security checks based on OWASP application security principles. Glia also undergoes third-party penetration testing on a scheduled basis. Application security controls include:
• Defense in depth
• Positive security model
• Fail securely
• Run with least privilege
• Intrusion detection
• End-to-end encryption
• Masking of PII
• Defense in depth
• Positive security model
• Fail securely
• Run with least privilege
• Intrusion detection
• End-to-end encryption
• Masking of PII
Personnel
Dedicated Security Personnel, Security-First Mindset
Glia has dedicated staff responsible for security across the organization. They are continuously trained and credentialed in current information security, risk management, and service delivery—including ISACA (CISM, CISA, CRISC) and other certifications. All Glia employees undergo background checks along with initial and ongoing security training and testing. All access is two-factor authentication controlled, logged and run with least privilege controls.
Built Secure From the Ground Up
Our platform is architected to exceed the security, reliability and compliance needs of the most demanding financial enterprises—and we hold ourselves to that standard every day.
Field-Proven Security and Compliance
Our technology and processes are field-proven by security and compliance teams across 600+ customers and partners.
Certified To The Highest Standards
We’re committed to protecting customer data, following all international laws, and maintaining compliance statuses including:
Field-Proven Security and Compliance
Our technology and processes are field-proven by security and compliance teams across 600+ customers and partners.
Certified To The Highest Standards
We’re committed to protecting customer data, following all international laws, and maintaining compliance statuses including:
SOC 2 Type 2
Payment Card Industry Data Security Standard (PCI DSS)
HIPAA/HITECH Type 1
CCPA
Safeguarding Your Future
Our team stays on top of the ever-changing security landscape to protect sensitive data and keep interactions safe for our customers—and your customers.
Our team stays on top of the ever-changing security landscape to protect sensitive data and keep interactions safe for our customers—and your customers.
