Uncompromising data security and trust
Symphony’s communications technology, comprising our Messaging, Voice, Directory, and Analytics platforms, is engineered for the complex needs of regulated markets, prioritizing security, risk management, and compliance.
Security by design
Symphony prioritizes customer protection and has achieved SOC 2 and ISO certifications.
Data encryption
All Symphony customer data is encrypted to industry-leading standards, both in transit (TLS v1.2) and at rest (AES256).
Secure and reliable infrastructure
Symphony’s infrastructure, hosted on Google Cloud and Amazon Web Services (SOC 1, SOC 2, and SOC 3 certified), ensures customer data security. Web servers and databases are load-balanced across multiple availability zones for enhanced reliability.
Single sign-on support
Symphony supports single sign-on (SSO) using SAML 2.0 with leading systems like Duo Security, Okta, OneLogin, and Microsoft Entra ID.
Annual penetration testing
To ensure the security of your data, Symphony conducts annual third-party penetration testing. This testing simulates real-world cyberattacks and includes critical security risks identified by the Open Web Application Security Project® (OWASP).
GDPR and CCPA compliant
Symphony prioritizes the compliant handling of personal information and adheres to the standards of both the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). All legal policies are available here.
Data segregation and security
Customer data is secured through logical separation, enforced by strict coding standards, thorough code reviews, and robust database design.
Access management and controls
Symphony implements access controls based on the ‘principle of least privilege’, ensuring that customer data is accessible only to authorized employees who require it for their job functions. All system access is logged.
Thorough system management
Symphony maintains comprehensive change management controls. All system changes directly affecting Symphony’s customers are subject to meticulous planning and open communication.
Employee privacy and security training
Security is a company-wide endeavor. All employees complete an annual security training program and employ best practices when handling customer data.
Rigorous policies and procedures
Symphony’s information security management system is based on industry best practices (ISO 27001). Through this framework, customers can trust that working with Symphony is a reliable, consistent, and secure experience.
Vendor evaluation
Symphony prioritizes the security of your data by implementing rigorous vendor evaluation and security review processes. All vendors handling confidential customer information are mandated to meet industry-leading control standards. Refer to Symphony’s Privacy Page for further details.
Certifications
Symphony champions data privacy and meets legal and regulatory obligations globally
Data Privacy Framework (DPF) Program
Association of International Certified Professional Accountants
Financial Services Information Sharing and Analysis Center
Financial Services Information Sharing and Analysis Center
Digital Operational Resilience Act (DORA)
ISO27001, ISO27017, ISO27108 Certified
For questions or more info please contact
Symphony is trusted across financial services
Get started with Symphony
We're happy to answer questions and get you acquainted with Symphony and our Messaging, Voice, Directory and Analytics platforms.
- Streamline secure collaboration
- Connect market participants and workflows
- Empower data and insights
- Enable security & compliance
- Deploy and build integrations, apps & bots