Thank you for using iFOLIO services.
iFOLIO® helps companies grow with a digital marketing platform for the mobile world.
We make work easier for sales, marketing, and service teams with world class technology and built in support.
Our client's trust is top priority.
We deliver our technical solution to active users in 50 US states and over 100 countries, through the cloud and a software-as-a-service model, self-service, and built-in support.
We provide additional white glove support for enterprise licenses.
We have product videos & FAQs baked into the product in every user's dashboard.
If you need additional support - or if you wish to report a an issue, please contact firstname.lastname@example.org or call the number: 470-223-4818
No one is authorized to share your iFOLIO profile without your permission. The way you share your iFOLIO is through sharing your iFOLIO link – and you may choose to password protect this
Vendor & Risk Management
We undergo at least annual risk assessments to identify any potential threats, including considerations for fraud
Vendor risk is determined and the appropriate vendor reviews are performed prior to authorizing a new vendor
Test Driven Development
Using test driven development (TDD) approach and automated functional testing allows to ensure robustness of the system during product development cycle
Information Security Program
We have an Information Security Program in place that is communicated throughout the organization. Our Information Security Program follows the criteria set forth by the SOC 2 Framework. SOC 2 is a widely known information security auditing procedure created by the American Institute of Certified Public Accountants.
Roles and Responsibilities
Roles and responsibilities related to our Information Security Program and the protection of our customer’s data are well defined and documented. Our team members are required to review and accept all of the security policies.
Security Awareness Training
Our team members are required to go through employee security awareness training covering industry standard practices and information security topics such as phishing and password management.
All team members are required to sign and adhere to an industry standard confidentiality agreement prior to their first day of work.
We perform background checks on all new team members in accordance with local laws.
Cloud Infrastructure Security
All of our services are hosted with Amazon Web Services (AWS). They both employ a robust security program with multiple certifications. For more information on our provider’s security processes, please visit AWS Security.
Data Hosting Security
All of our data is hosted on Amazon Web Services (AWS) databases. These databases are all located in the United States unless otherwise requested. Please reference the above vendor specific documentation linked above for more information.
Encryption at Rest
All databases are encrypted at rest.
Encryption in Transit
Our applications encrypt in transit with TLS/SSL only.
We perform vulnerability scanning and actively monitor for threats.
Logging and Monitoring
We actively monitor and log various cloud services.
Business Continuity and Disaster Recovery
We use our data hosting provider’s backup services to reduce any risk of data loss in the event of a hardware failure. We utilize monitoring services to alert the team in the event of any failures affecting users.
We have a process for handling information security events which includes escalation procedures, rapid mitigation and communication.
Permissions and Authentication
Access to cloud infrastructure and other sensitive tools are limited to authorized employees who require it for their role.
Where available we have Single Sign-on (SSO), 2-factor authentication (2FA) and strong password policies to ensure access to cloud services are protected.
Least Privilege Access Control
We follow the principle of least privilege with respect to identity and access management.
Quarterly Access Reviews
We perform quarterly access reviews of all team members with access to sensitive systems.
All team members are required to adhere to a minimum set of password requirements and complexity for access.
All company issued laptops utilize a password manager for team members to manage passwords and maintain password complexity.
Using our Platform
If your account is associated with an organization’s license, meaning they provided you access to the services, that organization may have access to view your profile.
Although Licensees have access to view this information, you do not have access or permission to share it. You must get permission from User to use their information or share their information.
iFOLIO uses Hypertext Transfer Protocol Secure (HTTPS) + Transport Layer Security (TLS) to encrypt our transported data.
Security is achieved by data transfer encryption, multilevel access control, users actions audit, automated logs monitoring with multiple triggers alerting iFOLIO support about any suspicious events
iFOLIO Ensures for Responsible Account Management
Audit Logs that record user's events and track changes during sessions.
Role-Based Access Control (RBAC) that can assign permissions to authorized users and restrict control for unauthorized users to edit templates or view information.
Single Sign-On (SSO) allowing the user to log in once and access services without re-entering authentication factors.
Single Log-Out (SLO) so that a single action of signing out terminates access to all active user sessions to secure the account.
Amazon Relational Database Service
Amazon RDS makes it easy to set up, operate, and scale in the cloud. It provides cost-efficient and resizable capacity while automating administration tasks such as hardware provisioning, database setup, patching and backups.
Basically, it allows us to focus on building our solution while giving you fast performance, high availability, security and compatibility.
AWS Lambda is a serverless compute service that lets us run code without provisioning or managing servers, creating workload-aware cluster scaling logic, maintaining event integrations, or managing runtimes.
With Lambda, we can run code for virtually any type of application!
iFOLIO + Twilio Partnership
iFOLIO takes Twilio’s programmable text message and adds images, clickable links, and signatures to campaigns that can be mass delivered from a 10-digit phone number. Our partnership with Twilio's API and intelligence software ensures trusted communications across mobile channels.
Non-iFOLIO Applications, Integrations and your Data
You grant Us permission to allow the Non-iFolio Application and its provider to access your Data as required for the interoperation of that Non-iFolio Application with the Service.
We are not responsible for any disclosure, modification or deletion of Your Data resulting from access by such Non-iFolio Application or its provider.
950 East Paces Ferry Rd NE, Suite 1555, Atlanta, GA 30326