Security policy
Security and Compliance
At Cin7, we take security seriously. We are committed to protecting your data, ensuring compliance with industry standards, and continuously improving our security posture. Our approach combines robust security controls, regular audits, and transparent communication to provide a secure and reliable platform for our customers.
Our Commitment to Security
SOC 2 Type 2 Compliance
Cin7 is SOC 2 Type 2 compliant, demonstrating our commitment to maintaining strong security, availability, and confidentiality controls. This certification validates that we have implemented stringent security measures to safeguard customer data over time, following the Trust Services Criteria established by the American Institute of Certified Public Accountants (AICPA).
Data Protection Measures
- Encryption: All customer data is encrypted in transit and at rest using industry-standard encryption protocols.
- Access Controls: Strict access controls, including role-based access and least privilege principles, ensure that only authorized personnel can access sensitive data.
- Multi-Factor Authentication (MFA): MFA is enforced across our platform and internal systems to provide an extra layer of protection against unauthorized access.
Network and Infrastructure Security
- Modern Security Architecture: Our infrastructure is designed with strong access controls, authentication mechanisms, and segmentation strategies to reduce security risks and enhance overall protection.
- Regular Security Audits: We conduct periodic security audits, vulnerability assessments, and penetration testing to proactively identify and address security risks.
- Cloud Security: Cin7 runs on Microsoft Azure infrastructure and uses both built-in security features and third-party configuration, auditing, and scanning tools.
Incident Response and Business Continuity
- Incident Response Plan: We have a well-defined incident response plan that enables rapid detection, containment, and resolution of security incidents.
- Business Continuity and Disaster Recovery: Our disaster recovery strategy ensures that customer data remains accessible and secure, even in the event of an outage or cyber incident.
- Geo-Redundant Backups: Customer data is backed up regularly and stored in geographically diverse locations to enhance resilience.
Security Awareness and Best Practices
- Employee Training: All employees undergo regular security awareness training to stay informed about evolving threats and best practices.
- Phishing Prevention: We implement phishing detection and reporting mechanisms to help prevent social engineering attacks.
- Responsible Disclosure: We encourage ethical security researchers to report potential vulnerabilities through our responsible disclosure program.
Transparency and Customer Trust
- Continuous Monitoring: Our security posture is continuously monitored through automated tooling and expert oversight.
- Security Reports: Customers can request and review relevant security information, including our latest SOC 2 Type 2 report, via our Trust Center.
- Contact Us: If you have any security concerns or need more information, please reach out to our security team at securityteam@cin7.com.
At Cin7, security is an ongoing commitment. We continuously evolve our security measures to meet industry best practices and provide our customers with the highest level of data protection.