Keeping your data secure is our top priority
Your company’s data is your most protected asset, and we built our entire platform around keeping it that way.
SOC 2 Type II
Aleph is SOC 2 Type II certified. Our infrastructure is continuously monitored and annually audited. A third-party penetration test is conducted at least once a year.
Data Encryption
Your data is encrypted in transit and at rest. Every communication uses SSL/TLS and is encrypted before being written to disk under the Advanced Encryption Standard (AES).
Data Hosting
Aleph is hosted using Google Cloud Platform (GCP), ensuring the highest standards, certifications, and third-party audits to support customers' compliance needs.
Secure access using single sign-on
Auth0 is used for identity management to leverage industry-leading features such as suspicious IP throttling and brute force protection.
- Google & Microsoft SSO are available by default
- Enable other identity providers like Okta with SAML support
Manage access with fine-grained controls
Fine-tune access and permissions down to the deepest level of data.
- Set global permissions for viewers, editors, and admins
- Create group-level permissions and tag users into teams or groups
- Configure data-level permissions for any data table or dimension
Preserve every change with version control
Don’t worry about updates to budgets, models, forecasts, or any spreadsheet getting overwritten or lost.
Teams can connect their spreadsheets and push data into Aleph. With version control, every change is recorded, saved, and restorable.
Keep an audit trail of all activity
Audit logs provide a detailed record of every activity and update within your account—providing the audit trail you hope you’ll never need to use but have it when you need it.
Frequently asked questions
If you don't see what your looking for, our security team is here to help.
Yes, Aleph complies with industry-standard encryption at rest (AES-256) and in transit (HTTPS/TLS).
Yes, Aleph is SOC 2 Type II certified. Our product and infrastructure are continuously monitored and annually audited. A third-party penetration test is conducted at least once a year and is available upon request.
Of course! If you are an existing customer or evaluating Aleph as a potential customer, submit your request through your CSM or our Contact Us form. We’ll work with your security team to provide the necessary documentation to satisfy your compliance standards.
Yes, on-premise hosting is an option. While we hold our cloud security to the highest standards, we understand that certain businesses require on-premise hosting. Contact Us to discuss these options in more detail.
Yes, you can sync user identity information from identity providers like Okta using SCIM. Directory sync allows you to automatically provision users and manage their permissions in Aleph.
For many of our core data connections, we have built our own API-based connectors to ingest and sync customers’ source data to their Aleph databases. To support such a large library of integrations, we also leverage Fivetran for data ingestion. For Fivetran connections, no customer data is stored on their servers.
Our data subprocessors list can be found at https://www.getaleph.com/subprocessors.
Of course, that is the beauty of Aleph! All of your data can be synced and saved into spreadsheets using Aleph’s Excel or Google Sheets add-ins.
Note: While all of your company’s data is yours to access, your team admins can control which users can access and interact with different data tables.
Yes, if for any reason you use Aleph and discontinue our service, we will delete your company’s data upon request or automatically after a certain number of days after the service has ended.
Contact Us if you need to submit a deletion request or need a confirmation or deletion.
Discover Aleph today
Type 2