Overview
Copia Automation is dedicated to providing best-in-class security for our customers. We understand that the files stored with us represents important IP, oftentimes critical infrastructure or production processes.
Here are some highlights of our security program:
- Encryption. We provide end-to-end encryption for data-at-rest and data-in-transit by leveraging AWS's cloud solutions. Production and back-up versions of your files are always encrypted, so even if an attacker were to somehow access our systems they wouldn't be able to access your files.
- Auditing. We have internal monitoring and logging to track user behavior on our website. This enables us to track employee actions as well as potential actions of any attacker.
- Battle Tested Infra. We leverage backend systems that are used by thousands of companies such AWS, Cloudflare, Git, and open-source backend solutions that have been picked over by hundreds of developers for security flaws and gaps.
- Product Access. We enable you to gate access to your files within Copia itself. You can choose to provide access to particular files or gate users so that they only have read-access privileges. In other words, we provide a complete set of functionality to manage orgs & teams.
We view security as an ongoing process, the rest of this document gives details about our existing security protocols as well as ongoing projects we have to tighten our access controls.
Finally, our security requirements are often driven by our customer's requirements. Please don't hesitate to reach out to security@copia.io if you have a requirement that is missing here.
Compliance

Documents
SOC 2 Report
Acceptable Use Policy
Access Control Policy
Asset Management Policy
Business Continuity Policy
Encryption Policy
Information Security Policy
Network Security Policy
Other Policies
Physical Security
Software Development Lifecycle
Vulnerability Management Policy
Penetration Testing
Product Architecture
Risk Profile
Data Access LevelInternal
Impact LevelSubstantial
Recovery Time Objective< 12 Hours
See more
Product Security
Audit Logging
Integrations
Multi-Factor Authentication
See more
Reports
SOC 2 Report
Data Security
Access Monitoring
Backups Enabled
Data Erasure
See more
App Security
Code Analysis
Credential Management
Software Development Lifecycle
See more
Legal
Access Control
Data Access
Logging
Password Security
Infrastructure
Amazon Web Services
BC/DR
Cloud Workload Protection
See more
Endpoint Security
Disk Encryption
Endpoint Detection & Response
Mobile Device Management
See more
Network Security
Data Loss Prevention
IDS/IPS
Security Information and Event Management
See more
Corporate Security
Asset Management Practices
Email Protection
Employee Training
See more
Policies
Acceptable Use Policy
Access Control Policy
Asset Management Policy
See more
Security Grades
Qualys SSL Labs
Copia Web Application