Implementation and Data Security Processes

Get the inside scoop on what you can expect during Canoe's implementation process along with our approach to securing your valuable data.

How Canoe Secures Your Data

Our philosophy is that client data in Canoe should be even more secure than it would be in the client’s ecosystem. Canoe has over 275 clients that trust us with their sensitive information. We take that responsibility very seriously and, thus, have implemented multiple layers of protection to ensure the safety and privacy of that data.

Access Controls

Principle of Least Privilege: Canoe deploys the principle of least privilege access for our client-facing platform, and we review that access on a periodic basis.

Role Permissions: Our cybersecurity measures ensure that only authorized individuals have access to data, and authorization permissions can be defined on a role-by-role basis.

Authentication

Secure Encryption via HTTPS: To protect our client-facing SaaS platform, users can only access it over HTTPS.

Multi-Factor Authentication (MFA): We leverage industry-standard security measures, such as MFA, authentication/authorization modules, password complexity enforcement, IP filtering, identity federation, and user access groups for controlling feature and data access.

Session Timeouts: User sessions time out after 30 minutes of inactivity, and the session ID is not part of the application URL.

Credentials: Our clients are required to provide a username and password, as well as an MFA code, in order to access their accounts.

Compliance with Security Standards

Systematic Reviews: Canoe systematically reviews the state of our technology with the help of external parties. Like most financial firms, we undergo an annual SOC2 type 2 audit to validate the controls we have in place to safeguard customer data, such as periodic internal testing.

Encryption

Advanced Encryption Algorithm: Canoe uses advanced encryption technology to protect all data transmission between our servers and our clients’ devices. This means that any data transmitted over the internet, including login credentials and financial statement data, is protected from hackers and other cyber threats. Canoe encrypts data in transit and at rest via an encryption algorithm.

Application-Only Access: Canoe does not make documents or sensitive data available in email notifications because email is not always secure or encrypted. We only allow access to sensitive data or documents in the application itself, where we can control their security.

Regular Security Assessments

Testing and Assessments: Canoe employs industry-leading tools for cloud infrastructure vulnerability scanning, annual security testing, network penetration testing, web application penetration testing, and AWS security configuration assessments.

Cybersecurity Programs: Canoe participates in Blackstone’s portfolio company Cyber Security program and meets with their portfolio cybersecurity team on a monthly basis to review our security posture.

Due Diligence Processes: For other clients and prospects, we have gone through very stringent tech and security diligence processes. These clients and prospects happen to be among the most sophisticated cybersecurity-focused firms within the financial industry.

Contractual Agreements

Provider and Supplier Requirements: Canoe requires our third-party suppliers to follow industry standard compliance and regulatory strategies and certifications. As a provider, Canoe supplies SOC2 certification and outlines protection, privacy, and incident response requirements.

Incident Response

Security Incident Response Plans: Canoe has a well-defined security incident response plan in place to ensure preparedness in the event of a security breach or other data loss incident.

Monitoring and Auditing Procedures: We have implemented rigorous monitoring and auditing procedures to detect and prevent any suspicious activity on the platform. This includes real-time monitoring of user behavior, as well as regular security audits to ensure that our systems are up-to-date and secure.

Logging, Monitoring & Alerting

Proactive Detection: Canoe uses world-class tools to proactively detect and address issues before customers are impacted.

Comprehensive Audit Trail: All actions by authenticated users are logged, ensuring you have a complete historical audit trail.

Cybersecurity-Focused AWS Configurations: Our AWS instance is configured to ensure cloud configuration drift is prevented, and we employ a number of different tools to support logging, monitoring, and alerting, including those for detecting and troubleshooting application errors, infrastructure logging and monitoring, analyzing application and infrastructure logs, and intrusion detection and prevention.

Implementation Overview: What to Expect

CHECKLIST FOR ALTERNATIVE INVESTORS

8 Critical Considerations for Prioritizing Data Security in a Vendor Evaluation

As an alternative investor, the strength of a cybersecurity program is especially crucial as you are typically dealing with sensitive, confidential documents and data. Without proper security measures in place, there is a risk of data or documents being lost, accidentally deleted, or shared with unauthorized parties.

$5T+ AUA across clients

33K+ funds covered

50M+ data points extracted

12M+ documents processed
