At Ambassador, we prioritize security for all of our clients. We’re committed to investing in securing our user data and protecting customer information.
Ambassador employs industry-standard practices to adhere to widely accepted security and privacy frameworks, assisting our customers in meeting their compliance requirements. We implement robust security measures and uphold policies and procedures to comply with necessary data security standards. Through our continuous improvement program, we consistently reassess and enhance our information security protocols.
Ambassador holds SOC 2 Type II and PCI certifications. As a SaaS company, we diligently strive to meet optimal security standards to safeguard our customers against potential vulnerabilities. We undergo routine audits to maintain and update our SOC 2 Type II reports, ensuring the ongoing integrity of our certification.
Data security is of utmost importance to Ambassador. In addition to periodic third-party penetration tests, we utilize a dynamic suite of vulnerability detection and mitigation tools to promptly and efficiently address new vulnerabilities.
Annually, Ambassador collaborates with leading external security consulting firms to conduct penetration testing on our product lines and infrastructure. Our security and development teams work closely with these partners to review findings and develop remediation plans. We perform follow-up testing to ensure the effectiveness of remediation activities and provide summary reports to our clients upon request.
Annually, Ambassador collaborates with leading external security consulting firms to conduct penetration testing on our product lines and infrastructure. Our security and development teams work closely with these partners to review findings and develop remediation plans. We perform follow-up testing to ensure the effectiveness of remediation activities and provide summary reports to our clients upon request.
For security questions, you may contact your customer success manager or email [email protected]
Ambassador’s data centers are hosted with Amazon Web Services data centers in the state of Virginia in the United States. Data backups are also preserved in a US-based distributed database in Google Cloud.
Ambassador uses Amazon Web Services Relational Database Service for backups with multiple availability zones. Each Availability Zone has its own power, cooling, and network connectivity and thus forms an isolated failure domain. Additional backups are made to a Google Cloud environment that distributes multiple copies of data across the US, mitigating the already rare possibility of a complete loss of data in AWS.
Your customer success team can help you obtain access to Ambassador’s online Security and Compliance Kit. There you will be able to access Ambassador’s security resources.
Ambassador does permit certain customers (e.g. Enterprise customers) the ability to perform audits beyond an inspection of the reports, questionnaires, and other artifacts available in the kit.
Ambassador does permit eligible customers to perform penetration testing on our services. Ambassador operates a comprehensive penetration testing program. Ambassador’s penetration testing executive summary reports are available through your sales representative or the customer success team.
Yes. Ambassador maintains a comprehensive set of security policies and procedures in accordance with SOC 2 Type II and PCI security frameworks.
Due to the sensitive nature of the material contained in the report, and the copyright requirements of the assessing firm, we can only share our SOC 2 report with eligible customers. An MNDA must be executed before the report can be viewed. For more information, please contact your sales representative or our customer success team.
Yes. Ambassador maintains a Disaster Recovery and Business Continuity plan that supports a robust business continuity strategy for the production services and platforms.
Yes. Ambassador can provide copies of our security policies to customers upon written request. Please note that a mutual non-disclosure agreement must be signed and in place in order to receive requested policies.
Yes. Ambassador can provide copies of our penetration tests and vulnerability scan reports to eligible customers (e.g. Enterprise) upon written request. Please note that a mutual non-disclosure agreement must be signed and in place in order to receive the requested penetration testing report.
Ambassador provides all clients with access to our support teams, which are available to assist in handling urgent matters.
Ambassador will notify affected customers about a breach of security compromising customers’ data. Additionally, customers are able to subscribe to service updates at http://status.getambassador.com to learn about general service availability, maintenance operations, or general security issues.
Sign up for our Ambassador newsletter and get notified when we publish new eBooks, case studies, blog posts and more. It's like a crash course in referral marketing - and it's free. Plus, we promise not to spam you.
