Security at Alchemy
All of our API calls use TLS to help protect the integrity, privacy, and security of your requests.
We regularly conduct security tests on our systems and applications, and utilize third parties to annually perform penetration tests.
We rely on industry standard systems to protect our services against wide-scale coordinated attacks.
Our employees are trained on security controls and are taught how to identify and report phishing attacks.
We enforce the use of Single Sign-On with multi-factor authentication (MFA), and use Role Based Access Control to limit employees’ access to only the resources they need. We require phishing-resistant, hardware-based MFA for sensitive access.
We actively monitor all company-issued laptops for any suspicious behavior using industry standard tooling.
We assess the security of our third-party vendors to ensure they meet our high standards.