Security & Privacy at Robin AI

Security is central to our mission. We are committed to helping our customers enhance their security and meet compliance requirements. This commitment starts with ensuring our own systems and operations meet high security and compliance standards.

Governance

At Robin AI, security and privacy are treated as serious priorities that are critical to earning user trust. We establish and uphold comprehensive policies and systems aimed at maintaining robust safeguards around user data. Responsibility for managing security processes and protocols extends across all levels of the company. We have processes in place for regularly monitoring, auditing and ensuring adherence to our strict internal data protection standards.

Security & Compliance at Robin

Robin AI maintains a SOC 2 Type I attestation and an ISO 27001 compliance certification. Our SOC 2 Type II report our Trust Center.

Data Protection

Data at Rest

All databases containing customer data are encrypted while at rest.

Data in Transit

Utilizing TLS 1.2 or higher, along with HSTS, ensures secure data transmission across potentially insecure networks.

Secret Management

Effective secret management involves securely storing and managing encryption keys to safeguard sensitive information.

Penetration Testing

Robin AI engages with a leading penetration testing consulting firm on an annual basis to ensure rigorous security evaluations. These assessments encompass all aspects of the Robin AI product and cloud infrastructure.

Governance

All corporate devices within Robin AI are centrally managed and feature mobile device management (MDM) software alongside anti-malware protection.

Endpoint security alerts receive continuous monitoring with around-the-clock coverage throughout the year. MDM software is leveraged to enforce secure endpoint configurations, including disk encryption, screen lock setup, and software updates.

Vendor Security

Robin AI employs a risk-based methodology for evaluating vendor security. Factors contributing to a vendor's inherent risk rating include:

Access to customer and corporate data
Point Integration with production environments
Potential impact on the Robin AI brand

Following the determination of the inherent risk rating, the vendor's security measures undergo assessment to ascertain a residual risk rating and inform the decision regarding vendor approval.

Security Training

Robin AI offers comprehensive security training to all employees as part of their onboarding process and annually through educational modules within Robin AI's platform. Additionally, all new hires are required to attend a live onboarding session that emphasizes key security principles. New engineers undergo a mandatory live onboarding session focused specifically on secure coding principles and practices.

Furthermore, Robin AI's security team conducts regular threat briefings to keep employees informed about critical security updates and safety-related information that may require special attention or action.

Identity & Access Management

Employees at Robin AI are provided access to applications based on their roles and are automatically deprovisioned upon termination of their employment. Any additional access beyond their initial permissions must be approved in accordance with the policies established for each application.

We enforce the use of phishing-resistant authentication factors, leveraging Mimecast.

Data Privacy

At Robin AI, safeguarding data privacy is of paramount importance. We are committed to being reliable custodians of all sensitive data.

Learn more

security@robinai.com