Security

At Dalet Access, security is fundamental to everything we do. We maintain a robust and comprehensive set of security policies designed to protect our systems, data, and customer operations.

Our security program is governed by clearly defined protocols aligned with industry best practices and regulatory standards. These policies cover:

• Network and Data Protection, including encryption, access control, threat detection, and continuous monitoring.
• Endpoint Security & Device Management: Ensuring all internal and external devices accessing our infrastructure are secured and compliant.
• Incident Response and Risk Management We maintain a structured incident response plan, complete with escalation procedures, forensic investigation, and client communication protocols.
• Personnel & Access Controls All staff are subject to background checks, regular training, and role-based access control policies.
• Compliance and Audit Readiness Our systems and policies are regularly reviewed to meet or exceed industry frameworks such as NIST, HIPAA, and PCI-DSS.

At Dalet Access, we prioritize building a strong security culture across our organization. 

All personnel are required to complete mandatory annual security training, ensuring they remain informed about the latest threats, compliance requirements, and safe work practices.

In addition to the annual training, employees participate in ongoing security awareness initiatives throughout the year, which include:

• Quarterly phishing simulations and response drills
• Monthly security tip newsletters and alerts
• Role-based workshops for personnel with elevated access privileges
• Real-time guidance from our adaptive AI-powered security assistant

This proactive approach ensures that every member of our team—from leadership to frontline staff—is prepared to recognize and respond to potential security risks, helping us maintain a resilient and secure operational environment.

At Dalet Access, we do not operate our own physical data centers. Instead, we rely on industry-leading cloud infrastructure providers to deliver secure, scalable, and highly available hosting environments for our services.

To ensure the highest standards of data protection, all third-party providers we partner with are required to meet the following certifications and compliance benchmarks:

• SOC 2 Type II annual audit reports
• ISO/IEC 27001 certification for information security management
• Or equivalent industry-recognized frameworks for data privacy, integrity, and operational security

This approach allows us to leverage the best-in-class physical and environmental safeguards, redundancy, and 24/7 security monitoring capabilities of top-tier providers—while remaining agile, secure, and focused on innovation.