SECURITY

schellman_iso27001_seal_blue_CMYK_300dpi_jpg

CxAlloy is committed to maintaining the confidentiality, integrity, and availability of customer information. Our Information Security Management System (ISMS) is certified to ISO/IEC 27001 by Schellman & Company, LLC, reflecting our structured and independently audited approach to risk management and data protection. CxAlloy also maintains a SOC 2 Type 2 report covering security and availability controls.

All official policies and documentation can be found on our Trust Center located here.

Questions or security concerns? Email security@cxalloy.com and we will respond promptly.

ISO/IEC 27001 Certification

CxAlloy’s Information Security Management System (ISMS) is certified to ISO/IEC 27001 by Schellman & Company, LLC. This certification applies to the scope of our ISMS and demonstrates our commitment to maintaining a structured and independently audited information security program.

Governance & Risk Management

CxAlloy maintains a formal risk management program, documented security policies, and internal audit processes aligned with ISO/IEC 27001 requirements. Our security program is reviewed and continuously improved to address evolving threats and regulatory expectations.

Hosting & Physical Security

CxAlloy is hosted within secure, enterprise-grade data center facilities operated by leading infrastructure providers. These facilities maintain strict physical access controls including keycard access, biometric verification, access logging, and 24/7 monitoring. Access to data center environments is restricted to authorized personnel.

Encryption & Dedicated Infrastructure

Customer data is transmitted using secure protocols such as HTTPS and SSH. Passwords are encrypted within our systems and databases. Security patches and software updates are applied regularly in accordance with our change management processes.

Access Controls & Personnel Security

Access to production systems is restricted to authorized personnel based on role and business need. CxAlloy maintains internal policies governing access management, employee onboarding and offboarding, and ongoing security responsibilities.

Redundant Environment

CxAlloy maintains a redundant hosting architecture designed to support high availability and business continuity. Infrastructure environments include redundant power sources, network connectivity, and failover capabilities to minimize service disruption.

Data Protection & Backups

Customer data is replicated across geographically separate regions. Regular backups are performed and retained according to defined retention policies. Backup data is stored separately from primary production systems to support recovery objectives.

Security Incident Reporting

Customers may report suspected security incidents or vulnerabilities to security@cxalloy.com. All reports are reviewed and addressed in accordance with our incident response procedures.

Trust Center

For detailed information regarding our security controls, compliance documentation, and risk management program, please visit the CxAlloy Trust Center here.

Privacy Questions & Concerns

Please contact security@cxalloy.com.

Software Services Support

Please contact support@cxalloy.com.