Namely Trust


Security

At Namely, we put security first. As keepers of our clients’ most sensitive data, we know your trust is imperative. Our comprehensive approach means you can have peace of mind.

Namely employs robust technical security safeguards to protect data and systems. All data is encrypted in transit and at rest utilizing AES 256­bit encryption. Access to client data is protected by two-factor authentication and restricted based on roles designed for segregation of duties and need-to-know access control principles.

  • Tested: Namely undergoes regular third-party penetration testing to ensure the integrity of our application. Our dedicated security team also performs ongoing internal security reviews, and vulnerability assessments are integrated directly into our software delivery pipelines.

  • Trained: It takes a village. We know that every employee counts when it comes to protecting client data. All Namely employees undergo security awareness and data handling training upon hire and renew their training annually.


Reliability

We’re there when you need us. The Namely platform is load-balanced across multiple data centers in the U.S., designed to always be online and automatically recover. Automated, encrypted backups of data are regularly conducted, and code updates are delivered to the Namely application continuously with no need for downtime. Namely also has a logical network topology designed for data assurance during unplanned failures or planned maintenance periods, ensuring high availability.

Namely is hosted on Amazon Web Services’ ISO 27001 Certified, SSAE18, FEDRAMP, and PCI DSS Level 1 compliant data center.
For more information visit: http://aws.amazon.com/compliance/.


Compliance

Namely undergoes regular third-party audits and holds a SSAE18 SOC 1 Type II report. Our SOC 1 audit takes it a step further than most, extended to cover several security-related control objectives, including: Application Development and Change Management, Operating System and Database Change Management, Logical Security, Physical Security, and Computer Operations.


Privacy

The privacy of your data is our priority. Namely meets TRUSTe privacy certification standards and Global Data Privacy Regulations. Namely is certified in both EU-US and US-Swiss Privacy Shield frameworks.

Our publicly accessible privacy notice is published at namely.com/privacy to inform consumers about our information processing practices.