Glia Certifications

Security at the Core

Security page background graphicSecurity page background graphic left

Glia's security stack has
three distinct layers

Glia security stack illustration
Security Stack shadow
Personnel labelApplication labelInfrastructure label

Glia Security Stack

Infrastructure bottom pieceInfrastructure middle pieceInfrastructure top piece
Infrastructure icon


Hardened Amazon Web Services (AWS) Infrastructure

Glia is exclusively hosted on AWS. Glia inherits the control environment AWS maintains and demonstrates via SSAE-16 SOC 1, 2 & 3, ISO/IEC 27001, FedRAMP/FISMA reports and additional certifications. In addition, Glia has deployed a 24/7 intrusion detection system that sits on-top of AWS with daily manual log reviews. All data is encrypted both in transit and at rest.

Infrastructure illustration
Glia graphic element bottom
Glia graphic element right
Application icon


SDLC practices with security at the core

Glia follows a Test-Driven Development (TDD) software development process including both multi-party manual and automated security checks based on OWASP application security principles. Application security controls include: defense in depth, positive security model, fail securely, run with least privilege, intrusion detection, end-to-end encryption and masking of PII amongst others. In addition, Glia undergoes third party penetration testing on a scheduled basis.
Application illustration
Application bottom pieceApplication middle pieceApplication top piece
Glia graphic element bottom
Personnel bottom piecePersonnel middle piecePersonnel top piece
Personnel icon


Dedicated Security Personnel and a Security-First Mindset

Glia has dedicated staff responsible for security across the organization. They are continuously trained and credentialed in current information security, risk management, and service delivery—including ISACA (CISM, CISA, CRISC) and other certifications. All Glia employees undergo background checks along with initial and ongoing security training and testing. All access is two-factor authentication controlled, logged and run with least privilege controls.
Personnel illustration
Glia graphic element right

Validated, Field-Proven Security and Compliance

Security has always been our top priority across these three distinct layers and beyond. The Glia Interaction Platform was architected from the ground up to exceed the security, reliability and compliance needs of the most demanding financial enterprises and we hold ourselves to that standard every day. Our technology and processes are field-proven by security and compliance teams across our 400+ customers and dozens of partners in the financial industry, and our third-party compliance and assessment statuses include:

• SOC 2 Type 2
• Payment Card Industry Data Security Standard (PCI DSS)

Glia is committed to the protection of its customers' data and to maintain a compliance posture aligned with the procedures defined by applicable international laws and regulations.

Our team stays on top of the ever-changing security landscape to ensure our customers, and their customers, can rest easy knowing their interactions are secure and their financial and personal data is safe.

Choose the Right Conversational Bot
Solution for Your Needs

From AI-driven virtual assistants that automate and expedite customer conversations to operator assistants that guide reps, you can easily orchestrate the right bots to support your specific customer service operations. Glia helps you infuse AI into your public and authenticated web and mobile properties as well as your phone call center to elevate and automate customer service and optimize contact center efficiency.

Request our latest Architecture and Security White Paper!

You can also request our latest SOC 2 Type 2 report, HIPAA/HITECH Type 1 report, and PCI DSS Attestation of Compliance (AOC).

Architecture & Security

This white paper details the Glia security framework and implementation
Architecture & Security White Paper