Structural security

Enterprise-grade security

At Structural, an Augeo company, maintaining customer trust extends to the decisions we make about how we gather and store information.

We’ve implemented enterprise security standards to keep our customers’ data secure. See the additional information below on our security controls, or for more information on how we manage private information, view our Privacy Policy.

Soc 2 Compliance

A SOC 2 audit is an assessment of the internal controls that are directly related to the security and availability of our platform. This audit ensures that our information security practices, policies, procedures, and operations meet or surpass the rigorous SOC 2 standards created by the AICPA. Our platform is secure by design, and now we’ve had an independent third party verify that fact.

SOC 2 Audited type 2 logo

Secure by Design

Each customer controls which data is stored on the platform and has complete administrative control over how that data in handled. Structural is designed to securely store data at rest. We also use TLS encryption between the web client, mobile app and Structural’s infrastructure.

Governance

The governance of our platform is achieved through an audience-focused permission model, as well as multiple roles within the platform. Content created on the platform can be shared with wide or limited audiences. Additionally, any content can be removed at any time by an administrator. Structural logs all activity on the system to capture and report on user behavior.

Permissions

Structural is designed to be an open platform for those users who have successfully authenticated. Creating an internal people network is predicated on members of that network being able to connect with one another. However, if there is sensitive information or profiles that shouldn’t be visible, we provide a rich method of creating, saving and using audiences to share specific information.

Access

Access to Structural is governed by the client and each user on the platform is associated with a member of an authorized team. Structural integrates with the g-suite, local authentication and SAML IdPs such as Okta, leveraging best-in-class authentication and authorization technologies.

Development Practices

Structural is developed on secure machines using modern, secure practices with a high level of security and protection of sensitive information. Structural is deployed in a robust, multi-zone, cloud deployment for both redundancy, continuity of service, and disaster recovery. Structural operates on a need-to-know data access policy as well as maintaining a continuity of service plan.