hamburger hamburger

Security Practices at Cloudwick

Data
Encryption

Data is encrypted both in-transit using TLS and at rest, utilizing AES-256 encryption standards.

Secure Software Development

Cloudwick utilizes a variety of manual and automated data security and vulnerability checks throughout the software development lifecycle.

Penetration
Tests

Cloudwick works with industry-leading security firms to perform annual network and application layer penetration tests, ensuring up-to-date threat visibility and remediation.

Continuous Security Control Monitoring

Cloudwick uses Drata’s automation platform to continuously monitor 100+ security controls across the organization. Automated alerts and evidence collection allow Cloudwick to confidently prove its security and compliance posture any day of the year, while fostering a security-first mindset and culture of compliance across the organization.

Employee
Trainings

Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.

Role and Attribute Based Access Controls

Cloudwick solutions use fine-grained access controls to ensure only authorized users can access sensitive data—enforcing least privilege by default.

Audit Logging and Lineage Tracking

All platform activities, data access, and transformations are logged and traceable—ensuring audit readiness for frameworks like HIPAA and SOC 2.

AI
Governance

Use of Large Language Models (LLMs) is tightly controlled with role-based model access, secure prompt handling, and audit trails for GenAI-related operations.

Partnering for a Secure Future

Our achievements in obtaining the SOC 2 Type II and HIPAA attestation reports are significant milestones in our ongoing journey to ensure a secure environment for our clients. Yet, we believe that security isn’t a destination but an ongoing endeavor. We’re continually adapting and refining our strategies to counteract emerging threats and vulnerabilities.

Cloud-Native. Government-Ready

Cloudwick’s Amorphic Platform is built on more than 70 AWS services and adheres to the AWS Well-Architected Framework, ensuring:

High availability and resilience
Encrypted storage and compute layers
Regional failover capabilities
Customer-managed encryption keys (KMS)

Whether you’re automating workflows, enabling GenAI, or integrating siloed data, security and compliance are baked into every layer of the architecture.

Vulnerability
Disclosure Program

If you believe you’ve discovered a bug in Cloudwick’s security, please contact us at security@cloudwick.com. Our team promptly investigates all reported issues.

HIPAA-Compliant-logo
soc-logo

Contact the Security Team

For more details on our security practices or to request specific documentation, check out Drata or please contact our team at security@cloudwick.com.

Discover More

Explore Mission-Focused Solutions

See how Amorphic combines automation, AI, and compliance into ready-to-deploy solutions.

View Solutions