Utelogy Security Statement

At Utelogy, security is fundamental to everything we do. Our platform is built on Microsoft Azure stack and leverages industry-standard services to deliver enterprise-grade security, resiliency, and compliance. We are committed to protecting customer data, ensuring secure access, and maintaining high availability across all our systems.

Cloud-Native Architecture for Resilience

Utelogy is a cloud-native organization. We rely on highly available and fault-tolerant cloud services for all business operations, enabling access to systems from anywhere in the world. This distributed architecture ensures that Utelogy remains resilient in the face of local outages, disasters, or emergencies.

Our clous SaaS platform is hosted on Microsoft Azure, which maintains multiple global data centers with built-in redundancy and backup protocols. Our databases are set up across multiple regions to minimize single points of failure, support rapid disaster recovery and comply with data security requirements such as GDPR.

Security & Access Controls

Utelogy provides a robust security model that governs granular application access at the user level:

• Secure Authentication: We support Single Sign-On (SSO), Multi-Factor Authentication (MFA), and enforce strong password policies
• Connectivity: Utelogy supports secure protocols such as HTTPS with TLS 1.2+ to safeguard communications.
• Data Protection: Telemetry data is encrypted in transit and at rest using AES-256 encryption. We do not store or record any audio or video content.

Data Privacy & Protection

Utelogy prioritizes data privacy and complies with regional regulations and best practices. All customer data is stored in logically separated databases, located regionally based on the legal requirements selected during account creation.

We do not collect or transfer any special categories of personal data such as race, political or religious beliefs, genetic or biometric data, health information, or sexual orientation.

The data we do handle includes:

• Personal Data (PII): First name, last name, and email address (used for user account creation)
• Non-PII Data: Device telemetry (e.g., power status, volume level, mute state, etc.) collected and encrypted for monitoring and analytics purposes.

Compliance and Audits

Utelogy is committed to maintaining the highest security standards and adheres to rigorous compliance practices, including:

• SOC 2 Type II (since 2022)
• OWASP
• 3^rd party PenTests and audits
• Business Continuity and Disaster Recovery

Utelogy leverages highly secure, cloud-based services for hosting, data storage, and authentication—each chosen for their robust security posture and extensive compliance certifications. These providers support a wide range of national, regional, and industry-specific regulatory requirements related to data collection, storage, and usage. We work exclusively with industry-leading vendors and conduct annual audits to ensure ongoing compliance and alignment with best practices.

We conduct regular security assessments, including OWASP-based penetration testing and vulnerability scanning. Our Disaster Recovery (DR) and Business Continuity (BC) plans are tested annually and reviewed by our SOC 2 auditors.