Erudit has deployed an intrusion detection system that is designed to identify and react to any unauthorized efforts to access our systems or data. This system constantly monitors our networks for any atypical activity and immediately notifies our security team if it identifies any suspicious behavior in real-time.

Erudit has implemented data loss prevention systems to prevent the unauthorized disclosure of sensitive information. These systems monitor data traffic and can identify and prevent the transfer of sensitive data.

Erudit uses multi-factor authentication to protect against unauthorized access to our systems and data.

Erudit undergoes regular external audits and penetration testing by independent third-party firms to ensure that our systems are secure and up-to-date.

Erudit is committed to maintaining the highest standards of data privacy and security. We’re currently in the process of obtaining both ISO 27001 and SOC 2 Type II compliance certificates.

The length of time that data is stored varies depending on the Data Sharing Agreement signed with the customer. On top of that, we follow industry best practices and legal requirements.

By default, Erudit does not store customer data. If a given customer happens to have a Data Sharing Agreement, data is stored in an isolated AWS environment (account and region), and only very limited, authorized personnel have access to it using fine-grained, role-based access control (RBAC).

Erudit takes data privacy and security very seriously, so all sensitive data is encrypted both in transit and at rest. We use industry-standard encryption algorithms such as AES-256 to protect the confidentiality of data, having the keys stored in an isolated AWS environment in KMS.