|

Trust Center

Akka's commitment to security and compliance is paramount leading to attestation or certification of 23 compliance standards and a plan to implement additional controls throughout 2025.

Akka has been deployed into 1000s of mission-critical environments. Neither Akka's software nor our hosted environments, such as services provided at Akka.io, have ever had a security breach. We understand that our customer's trust in our software and in us is critical, and we prioritize researching and supporting new InfoSec initiatives.

Standards

Resources

Policies

Subprocessors

Amazon

Cloudsmith

Docebo

Google

HubSpot

Microsoft

Salesforce

Zoho

Controls

Governance

Conduct and Ethics

Establishes Standards of Conduct

Akka has established Acceptable Use and Corporate Ethics Policies which are both reviewed/updated on an annual basis by Executive Management.

As part of the formal onboarding process, all employees are required to sign indicating their agreement and acknowledgment of the Acceptable Use and Corporate Ethics Policies and re-sign annually thereafter or in the event of any significant revisions.

Akka’s compliance with SOC2 requirements regarding Acceptable Use and Corporate Ethics Policies directly benefits customers who must also adhere to SOC2 or similar frameworks. By maintaining up-to-date, executive-reviewed policies and requiring all employees to acknowledge and re-acknowledge these policies annually or after significant changes, Akka demonstrates a strong commitment to ethical conduct and responsible use of systems and data. This reduces the risk of insider threats and unethical behavior, providing assurance to customers that their data and operations are handled in accordance with industry best practices. For customers, partnering with a vendor that enforces these controls simplifies their own compliance efforts, as it provides documented evidence of due diligence in vendor management and supports their own audit requirements.

Customer-Confidential Data

Segregation of Customer Data

Each customer’s data is logically isolated from customer belonging to other customers. This separation is maintained at all times, through all components.

Data Retention and Disposal

Removes Data and Software for Disposal

The company has electronic media containing confidential information purged or destroyed in accordance with best practices, and certificates of destruction are issued for each device destroyed.

Third Parties

Acquisition and Onboarding

Vendor Management Analyzes Threats and Vulnerabilities From Vendors, Business Partners, and Other Parties

A vendor management process has been implemented whereby we perform risk assessments of potential new essential vendors and evaluate the performance of essential vendors on an annual basis. Corrective actions are taken as required based on the results of the assessments.

Customer Support

Customer Support

Customer Support System

We provide a support system that allows users to report suspected defects, complaints, issues, and any other challenge through an appropriate channel.

Reported tickets are addressed by our support staff in a timely manner, as detailed in this policy.

Endpoint Management

Workstations

Workstation Security Patches

All Company Workstations must be patched with the latest operating system updates. Automatic updates must be enabled but can be scheduled so as to not interfere with business.

Akka’s compliance with SOC2’s patch management control ensures that its development and operational environments follow rigorous processes for timely remediation of operating system vulnerabilities and regular verification of automatic updates. For customers who must also comply with SOC2, this provides assurance that Akka’s software supply chain and support infrastructure are maintained securely, reducing the risk of inherited vulnerabilities. Akka’s documented processes and guidance, such as references to internal wikis for configuring automatic updates, help customers implement similar controls in their own environments, streamlining their compliance efforts and audit readiness. This alignment reduces the customer’s compliance burden and enhances their overall security posture by leveraging Akka’s established best practices.
Infrastructure

Availability and Scalability

System Performance and Capacity Monitoring

The IT team continuously monitors system capacity and performance through the use of monitoring tools to identify and detect anomalies that could compromise availability of the system operations. Incident management process is invoked for confirmed events and anomalies.

Logging and Monitoring

Policy

Intrusion Detection System Utilized

The company uses an intrusion detection system to provide continuous monitoring of the company’s network and early detection of potential security breaches.

Akka’s compliance with SOC2 requirements, specifically the use of an intrusion detection system (IDS) for continuous network monitoring and early breach detection, benefits customers by ensuring that the Akka platform is proactively monitored for suspicious activities and potential threats. For customers who must also comply with SOC2, leveraging Akka’s compliant infrastructure means they inherit a secure foundation where real-time alerts and incident response mechanisms are already in place. This reduces their own compliance burden, as Akka’s monitoring features—such as audit logging, integration with security information and event management (SIEM) systems, and support for secure communication protocols—facilitate the detection and reporting of anomalies. As a result, customers can more easily demonstrate their own compliance with SOC2 controls related to network security and incident detection, while benefiting from Akka’s robust security posture and rapid response capabilities.