Newforma Security

Newforma’s Commitment to Customer Security and Privacy

Protecting customer data is a top priority at Newforma and we continue to lead the AECO software industry for security best practices.

SOC 2 Certification

Newforma has recently achieved SOC 2 certification in order to protect customer data. System and Organizational Controls (SOC) was developed by the American Institute of CPAs (AICPA). SOC 2 is a U.S. security certification that defines criteria for managing customer data. The SOC 2 certification audit covers five specific service trust principles including security, availability, processing integrity, confidentiality, and privacy.

The certification of Newforma’s policies, procedures, and infrastructure controls went through a rigorous review process over a three-month time period by an independent, third-party certified auditor A-LIGN.

Our Commitment

Newforma’s dedicated security team continuously monitors emerging threats taking proactive measures to prevent security breaches and attacks. In addition, Newforma logs all activity that occurs within our cloud and on-premises applications with automated alerts for our security team based on any anomalies detected.

We take a holistic, system-wide approach beginning with our employees and processes, to the source control and individual lines of code in both our on-premises and cloud products. Sensitive data such as passwords, project data, and personal information require additional protection due to the potential for cryptographic failures. We use the latest and most current encryption techniques to protect customer data.

When features are designed, security is a key consideration by our product design, engineering, and quality teams. Newforma has an in-depth code review process conducted by our security team. The security team regularly reviews and educates developers and product team members on security issues and secure design.