# Security at Unblocked URL: https://getunblocked.com/security Unblocked is SOC 2 Type II and CASA Tier II certified. Customer data is encrypted in transit and at rest, team-isolated, and never used to train shared models. --- ## Security Certificates ### AICPA SOC 2 Type II Unblocked is AICPA SOC 2 Type II certified, underscoring our commitment to maintaining top-tier security standards with regular third-party penetration testing. ### Cloud Application Security Assessment (CASA Tier II) Unblocked has achieved CASA Tier II verification, highlighting our adherence to the core security principles for cloud services. ## Data Security - **In transit** — All communications between clients and services as well as service and data stores are secured using TLS encryption. - **At rest** — All data stores are configured with encryption at rest using AWS managed encryption keys. - **Privacy** — Customers own their data. Unblocked does not sell data or use customer data to train shared models. - **Retention** — Data is removed upon deletion, for both accounts and integrations. - **Team-based data access** — Access to data across network layers is secured with encryption using customer-specific keys. ## Product Security - **Authentication & Authorization** — Unblocked does not store any user passwords, nor does it implement its own identity services. Authentication is performed via SAML SSO or OAuth 2.0 to your identity provider. Access to resources is authorized at every level of the stack from the network down to the DB. - **Fine-Grained Access Controls** — Unblocked respects access control settings from each data integration you connect. ## Operational Security - **Security Testing** — We conduct a range of security tests on an ongoing basis, including penetration testing, static and dynamic module scans, and code scanning. - **Detection and Response** — We employ a range of detection methods throughout our stack, including monitoring administrative endpoints, and have formalized a robust response framework should an incident arise. ## Corporate Security - **Background Checks** — All new team members are required to complete a background check during onboarding, as permitted by local law. - **Security Training** — All employees are required to complete security training as part of their onboarding process. ## More Questions? Visit our trust center to review our SOC 2 and security documentation: ## Get Started - Start a free trial: - Pricing: