All Inkit Inc contractors and employees undergo background checks prior to being engaged or employed by us in accordance with local laws and industry best practices.
Confidentiality or other types of Non-Disclosure Agreements (NDAs) are signed by all employees, contractors, and others who have a need to access sensitive or internal information.
We embed the culture of security into our business by conducting employee security training & testing using current and emerging techniques and attack vectors.
Organization-wide protection isn’t just limited to the initial build of operations and products. Inkit’s security professionals are the manual backbone that ensures the continuous maintenance and improvement of our digital security systems. Their preventative measures revolve around the three security pillars of Monitoring, Risk Analysis, and Mitigation – each of which are achieved through:
As with Inkit’s overarching security commitments, we also have a team dedicated to maintaining Inkit’s binding Data Processing Addendum. This means our customers can feel 100% confident that their data protection needs are being addressed in-line with a full security documentation pack. To further this assurance, Inkit is fully SOC2 Compliant.
As well as Inkit’s own operational security, our products are also built with Data Security as their guiding principle. As referenced in the Penetration Testing section of this page, each of Inkit’s products are tested for security vulnerabilities regularly. Outside of their own security, Inkit’s products were developed to help our customers take control of their own Data Security. In particular, Inkit’s customizability allows organizations to adapt its capabilities so their paperless operations comply with virtually any security standard (through features such as: AES 256 Encryption, Document Self-Deletion, 2FA Support, and more). You can discover more about Inkit’s primary security product on:
Penetration testing is performed regularly by reputable third parties to ensure a complete, fair, and realistic assessment of our products’ security.
To support our clear & practical security policies, these reports are available on request. Please email security@inkit.com if you’d like to access them.
Our customers are updated on all relevant security vulnerabilities and enhancements via our changelog at: https://docs.inkit.com/changelog
As part of our clear and practical security policies, Inkit welcomes the discovery of any potential security vulnerabilities made by individuals or companies.
Although our continuous monitoring, regular testing, and routine mitigation procedures provide a comprehensive security infrastructure, we still understand the importance of encouraging any external discoveries.
If you would like to report a vulnerability in one of our products or services, or have security concerns regarding Inkit systems, please email security@inkit.com
To support a timely and effective response to your report, please include any of the following:
Inkit takes all vulnerability reports seriously and aims to rapidly respond and verify the vulnerability before taking the necessary steps to address it.
After an initial reply to your disclosure, which should be directly after receiving it, we will update you periodically with our response and remediation status.
Security issues that we have already assessed for risk and will address include:
Inkit Inc was audited by Prescient Assurance , a leader in security and compliance certifications for B2B, SAAS companies worldwide. Prescient Assurance is a registered public accounting in the US and Canada and provide risk management and assurance services which includes but not limited to SOC 2, PCI, ISO, NIST, GDPR, CCPA, HIPAA, CSA STAR etc. For more information about Prescient Assurance, you may reach out them at info@prescientassurance.com