Allison

Allison is a low code platform that enables businesses to integrate with Community Banks & Credit Unions to create financial products, through automation workflows.

Website
https://tryallison.com
Trust Center
https://allison.trust.page

Compliance
Product Security
Data Security
Privacy
Incident Management & Response
Availability & Reliability
Organizational Security
Business Continuity
Infrastructure

Compliance
- GDPR
  Allison Fintech Co is CCPA And GDPR compliant. Please refer to our formal privacy policy for more details.
Product Security
- Role-Based Access Control (RBAC)
Data Security
- Data Encrypted At-Rest
  https://cloud.google.com/docs/security/encryption/default-encryption
- Data Encrypted In-Transit
  https://cloud.google.com/docs/security/encryption-in-transit
- 1 more topic
Privacy
- Privacy Policy
Incident Management & Response
- Data Breach Notification
- Incident Response Plan (IRP)
  Our Incident Response Plan reflects that security incidents must be managed in an efficient and time effective manner to make sure that the impact of an incident is contained and the consequences for our business and our customers are limited.
  
  Our Incident Response Plan sets out the Allison plan for reporting and dealing with security incidents, including:
  
  Security incident recognition
  Roles and Responsibilities
  Incident response steps
  Testing plan
Availability & Reliability
- Auto Scaling
  https://cloud.google.com/storage/sla
- Data Redundancy
  https://cloud.google.com/storage/sla
- 1 more topic
Organizational Security
- Employee Workstations Automatically Locked
  In order to prevent unauthorized access, devices must be password protected using the features of the device and a strong password is required to access the company network. Allison has a formal Password policy.
  
  All devices must lock itself with a password or PIN if it’s idle for five minutes. Rooted (Android) or jailbroken (iOS) devices are strictly forbidden from accessing the network.
  Employees’ access to company data is limited based on user profiles defined by IT and automatically enforced.
- Limited Employee Access (Principle of Least Privilege)
  Allison uses CyberArk to manage principle of least privilege: https://www.cyberark.com/what-is/least-privilege/
Business Continuity
- Business Continuity Plan
  Overview
  This document establishes procedures and processes to maintain operational continuity for businesses based on two types of disruptions that could occur individually or in any combination:
  
  Loss of services due to a reduction in workforce (e.g., during pandemic influenza);
  Loss of services due to equipment or systems failure (e.g., information technology (IT) systems failure, electrical grid failure).
  Purpose
  The Allison Business Continuity Plan objective is to facilitate the resumption of critical operations, functions, and technology in a timely and organized manner to ensure a viable and stable organization. In doing this it is critical to ensure the safety and well-being of employees and customers.
  
  The primary objectives of the plan are to:
  
  • Maintain Critical Business Functions
  • Most critical departments/business functions
  • Protect vital data
  • Ensure that they are accessible under all conditions
- Disaster Recovery Plan
- 1 more topic
Infrastructure
- SOC 2 Type II - Data Center
  https://cloud.google.com/storage/sla

Unlimited access to the directory allows you to review and compare thousands of security postures sourced from around the web.

Allison

.css-np5eqa{display:-webkit-box;display:-webkit-flex;display:-ms-flexbox;display:flex;padding-left:var(--chakra-space-1);}Compliance

Product Security

Data Security

Privacy

Incident Management & Response

Availability & Reliability

Organizational Security

Business Continuity

Infrastructure

Compliance