Accelo values the trust clients place in our platform when relying on it to safeguard critical business information and provide consistent support for their operations.
To uphold this responsibility, Accelo maintains a structured approach to key areas such as operations and security. While certain details cannot be disclosed to protect both clients and the platform, the following information provides an overview of these practices.
Accelo has a confidential SOC 2 Type 2 report attesting to our commitment to meeting rigorous industry standards, established by the American Institute of Certified Public Accountants (AIPCA), through controls governing the availability, confidentiality, and security of data. A copy of this report is available to existing clients, and available to prospective clients upon execution of a mutual non-disclosure agreement (MNDA). Please contact your Accelo Account Executive or Customer Success Manager for additional details.
External auditors assess our security annually by examining the following key areas:
The significant overlap between the security controls required for SOC 2 compliance and those mandated by many global regulations and frameworks ensures that Accelo is well-positioned to meet the security expectations of our diverse customer base.
In addition to encrypting data in transit between clients and Accelo, all stored data is encrypted. Encryption at Rest is implemented using the industry-standard AES-256 encryption algorithm, securing data on the hosting servers.
This measure ensures that data remains accessible only within Accelo’s controlled systems environment. In the event of unauthorized access to physical storage devices, the encrypted data remains protected and cannot be accessed without the decryption key.
The security and quality control embedded into Key Management Service (KMS) we use have been validated and certified by the following compliance schemes:
See Accelo’s Terms of Service and Privacy Policy for additional information.
Accelo’s systems incorporate two forms of backup: hot failover for real-time systems, ensuring seamless transition in the event of a primary system failure, and data backups to restore information in case of accidental deletion. Backup snapshots are taken daily, with a separate weekly backup retained for an extended period.
Accelo provides multiple security controls to help organizations enforce best practices for data access and account protection.
Like your business, our business depends on the integrity and capabilities of our people, operating with the support and coordination of our processes.
When it comes to your business data stored in our cloud infrastructure, access is tightly controlled. Access to production systems is limited to a select group of engineering personnel, and is controlled by SSH keys centrally managed by an orchestration infrastructure.
Operationally, development environments are separated completely from production systems, ensuring tight control on access to your data and that development work can't touch or interact with production data. If developers require access to debug something specific, an encrypted export of a subset of data is requested, transferred via an encrypted channel (SSH 2.0 protocol using SHA-256 keys), and worked on in development environments that are also encrypted at rest.
Development environments are actively managed by our DevOps team, ensuring consistency and tightly managed control.
Access to any account via the Accelo application is logged, showing the user and the timestamp of the login/use.
This is the only manner through which support staff access client accounts, and it is limited to support staff replicating or confirming/resolving issues reported by a client. Per industry privacy and confidentiality standards, all team members sign stringent confidentiality agreements before starting with Accelo, and any abuse of access is grounds for immediate termination.
See Accelo’s Terms of Service and Privacy Policy for additional information.
Accelo's setup, choice of vendors, and operating position are strong, ensuring resilience and continuity into the future.
Accelo engages Amazon Web Services (AWS) as our cloud infrastructure provider. AWS is the world's largest cloud provider with more than twice the market share of the next three largest Infrastructure as a Service (IaaS) providers combined.
We utilize AWS services in multiple global regions. Within each, we use multiple independent systems that provide load balancing, compute power, scalable and redundant databases and object storage that underpin the services we provide. We also make use of the distributed DNS service, system monitoring services and security key generation and storage services offered by AWS. When it comes to maintaining system uptime, key services like our databases are always running in a replicated, dual-instance configuration so that if one database becomes unavailable, its identical twin is already running and available to take over automatically.
Our platform also implements automatic scaling strategies so that, as more users log on to our product and start using it, our systems will automatically increase the hardware resources allocated to keep performance reliable and consistent for everyone at all times.
Accelo has been a leader in the professional services automation space for over a decade, and we look forward to empowering our clients into the future. In addition, all clients have the ability to export their data in its native SQL format for their own use and retention. Accelo believes strongly that your data is absolutely your data, and is committed to ensuring that you're able to take it out of the platform for peace of mind or curiosity any time you wish.