Security is at our core

Security isn’t just another box to check. It’s an essential component of our technology, and we are committed to keeping your data safe.

Shelf is SOC2 compliant

Developed by the American Institute of CPAs (AICPA), SOC 2 defines criteria for managing customer data based on five “trust service principles” – security, availability, processing integrity, confidentiality and privacy. Shelf’s SOC 2 compliance is proof of our commitment to security and data integrity throughout our operations and services.

Data and network security

We ensure the confidentiality and integrity of your data with industry best practices. Shelf servers are hosted at SSAE-16, PCI DSS, or ISO 27001 compliant facilities. Our fully automated Intrusion Prevention + Detection System (IPS/IDS) utilizes Machine Learning to watch out for security alerts and events 24/7.

Key security features 

We combine enterprise-class security features with comprehensive audits of our applications, systems, and networks to ensure customer and business data is always protected:

  • Data encryption both in transit and at rest
  • State-of-the-art data centers with physical security and biometric access control
  • SAML-based SSO
  • Content access control that’s easy to understand and manage
  • Continuous real-time monitoring of all Shelf infrastructure and security

Application security

We take measures to securely develop and test against security threats to ensure the safety of our customer data. Furthermore, Shelf employs third-party security experts to regularly perform detailed penetration tests across the Shelf Platform.