AltiSales logoAltiSales

AltiSales Trust Center

AltiSales is in compliance with security best practices, has implemented and is monitoring comprehensive controls, and maintains policies to outline its security procedures.

security@altisales.io

Compliance

Links

Privacy PolicyTerms of Service

Resources

SOC 2 Type II Report
Chief Information Security Officer (CISO) Policy
Board of Directors Charter
Data Classification Policy
Network Security Policy

Controls

Access control procedures
Multifactor authentication
Tracking access changes
VPN access
Remote access tool
Encryption of data
Backup and recovery policy
Source code tool
Outsourced Development Management
Sample code changes
Web application firewall
Vulnerability scanning
Network diagram
Intrusion detection tool
Infrastructure firewall
Monitoring tool
Infrastructure baseline hardening policy
Breach notification communication
Alerts and remediation
Security incident list
Whistleblower policy
Log management tool
Vendor management program
Vendor onboarding
Vendor list
Vendor termination
New employee and contractor agreements
Employee handbook
List of active employees & contractors as on date
List of newly hired employees & contractors
List of terminated employees & contractors
Multi-availability zones
Asset register maintaining
Risk and Governance Executive Committee meeting minutes
Risk management program
Internal communication for changes in roles
Intellectual property rights
Organization chart
Security-related roles
Pre-hire checklist

Subprocessors

HubSpot
HubSpotUnknown Category
AI Assistant for Salesloft, Outreach, Hubspot, Orum
AI Assistant for Salesloft, Outreach, Hubspot, OrumBusiness Apps & Productivity
AWS
AWSCloud Infrastructure & Platform Services

FAQs

Emergency changes that can't follow regular processes due to urgency require immediate attention and discussion with a relevant service manager. Such changes are formally approved retrospectively after implementation. These emergency changes are later reviewed in periodic meetings to analyze lessons learned, root causes, and impacts.

Source code changes are logged, time-stamped, and attributed to their author in a source code management tool. Access to the source code tool is restricted to authorized users using multi-factor authentication.

All systems are patched and updated on a documented, regular, and timely schedule using the Common Vulnerability Scoring System (CVSS) to aid in setting patching guidelines. Critical security vulnerabilities must be patched as soon as possible regardless of CVSS score.