Secure unstructured data management

Trust Shelf to keep your data secure with enterprise-grade admin management, security integrations, data governance, compliance audits, and privacy protections.

[ Security Overview ]

Trust Shelf to keep your data secure and meet your compliance requirements with enterprise-grade security

Icon-1
Customer Data Protection
  • Logical tenant separation
  • Encryption in transit (TLS1.2+)
  • Encryption at-rest (AES-256)
  • SSO and User lifecycle management (SCIM)
  • Real-time activity and audit logs
Icon-1
Infrastructure Security
  • Hosted on leading cloud infrastructure
  • Network and perimeter protection
Icon-1
Application Security
  • Web application firewall
  • Distributed Denial of Service (DDoS) protections
  • Regular vulnerability scanning
  • Annual penetration testing
Icon-1
Org Security
  • Security Awareness & Training
  • 24/7 Risk management
  • Vendor Risk management
  • Business continuity planning
Icon-1
AI Security
  • AI opt-out mechanisms
  • AI models exclusively hosted on leading cloud infrastructure
  • No data sharing across tenants for LLM training and finetuning
  • OWASP Top 10 LLM Framework
Icon-1
Compliance & Privacy
  • SOC2 Type II
  • GDPR
  • CCPA
  • OWASP ASVS
  • CAIQ Self-assessment
  • VSA Self-assessment
  • PCI Self-assessment
  • OWASP GenAI Security & Governance Framework

Request documentation via Whistic

Shelf uses Whistic to securely share company and product security profiles as well as detailed documentation required for vendor security assessments.

Request Documentation
[ Certifications ]

Certifications and frameworks

SOC2 Type II

Security, availability and confidentiality trust

GDPR

EU-compliant data protection protocols

OWASP

Application Security & Governance Framework

Security FAQ

What kind of infrastructure supports your services?

Our services are hosted on leading cloud infrastructure with advanced network and perimeter protection.

How do you defend against web-based attacks?

We deploy a web application firewall and DDoS protections to safeguard against external threats.

What measures are in place for detecting vulnerabilities?

We conduct regular vulnerability scanning and annual penetration testing to identify and mitigate risks.

What certifications validate your security measures?

We are SOC2 Type II certified, reflecting our commitment to high security standards.

How do you ensure business continuity in case of an incident?

Our business continuity planning prepares us to maintain operations and security under various scenarios.

How do you manage organizational security?

We maintain a strong focus on security awareness, training, and 24/7 risk management to ensure our staff is prepared to identify and mitigate risks.

What is your approach to managing risks from vendors?

Vendor risk management processes are in place to ensure all third-party services meet our stringent security standards.

Data privacy FAQ

What measures are in place to protect customer data?

We use logical tenant separation, encryption in transit (TLS 1.2+), and encryption at-rest (AES-256) to ensure data protection.

How do you comply with GDPR and CCPA regulations?

We are compliant with GDPR and CCPA, ensuring all data handling respects privacy laws and user rights.

Can users opt out of AI-driven features?

Yes, users have the option to opt out of AI features to maintain control over their data usage.

What standards do you follow for data security compliance?

We adhere to SOC2 Type II and perform various self-assessments including CAIQ, VSA, and PCI.

How is AI data managed to ensure privacy?

AI models are hosted securely, with no data sharing across tenants for LLM training and fine-tuning.

What ongoing practices ensure continued data privacy compliance?

Regular audits, continuous monitoring, and updates to our practices ensure we remain compliant with evolving privacy laws.

What frameworks guide your AI security practices?

We follow the OWASP Top 10 LLM Framework and GenAI Security & Governance Framework to ensure the security and governance of our AI implementations.

[ Ready to see Shelf in action? ]
Get your personalized intro to Shelf.
Cta - main image
Get Demo