Yess Trust Center
Yess is engineered to provide enterprise-grade security and compliance while ensuring you retain control over your data. Here you can explore Yess’ security measures, policies, and documentation.
Pillars
Authentication and Authorization
Yess adopts stringent authentication and authorization measures to secure access to its systems. We mandate the use of Single Sign-On (SSO) platforms alongside phishing-resistant FIDO2 Multi-Factor Authentication (MFA) for all employee interactions with Yess’ systems. For cloud environment access, Yess employs IAM roles and ephemeral tokens, enhancing security and minimizing risk. Access to both development and production environments is tightly controlled, enforcing strict access controls.
Cloud Security
Architecture
Yess’ cloud security architecture employs immutable infrastructure managed via infrastructure-as-code to ensure a secure and controlled production environment. Our SDLC process, integrated with an automated CI/CD pipeline, enforces strict configuration management, security checks, and audit trails, with mechanisms in place to detect and escalate any unauthorized changes. We leverage cloud-native security features and robust authentication and authorization controls to limit remote access and maintain secure boundaries across our infrastructure. Additionally, Yess utilizes Amazon Web Services for its reliable hosting and computing capabilities, benefiting from Amazon's comprehensive compliance with SSAE-16 SOC 1, 2, and 3, ISO 27001, and FedRAMP/FISMA standards, ensuring our web servers and databases are housed in highly secure data centers.
Encryption
Yess ensures the security of data within its service by implementing encryption both in transit and at rest. We utilize AES-256, an industry-standard encryption algorithm, for securing database instances, including read replicas and backups. Additionally, all data in transit is protected via TLS encryption. For encryption key management, Yess employs cloud-native solutions like AWS KMS, ensuring secure storage and handling of keys. Our automated controls are designed to prevent the storage or transfer of keys through insecure or unauthorized methods, maintaining the highest level of data protection.
Logging and monitoring
Yess has implemented a robust monitoring and security information event management (SIEM) system across its architecture, collecting and analyzing data from various environments to identify potential threats. Based on predefined criteria, alerts are automatically sent to relevant stakeholders through internal communication tools, ensuring swift assessment and action according to the alert's priority. Our global security team is equipped to quickly address these alerts, leveraging a combination of automated processes and human expertise to maintain the integrity and security of our systems.
Annual Third-Party Audits
Yess undergoes annual independent SOC 2, Type II audits for security, availability, and confidentiality.
Endpoint Scanning
All Yess employees and contractor laptops are equipped with software to scan for malicious threats.
Vulnerability Scanning and Penetration Testing
Yess performs at least one penetration test per year, which is conducted by accredited and completely independent information security companies. Vulnerabilities, if found, are addressed immediately.
Security Training
Yess places a strong emphasis on the continuous education of its employees and contractors regarding security and privacy best practices. From the moment of hire, and at least annually thereafter, team members are rigorously trained in confidentiality, data security, and responsible data handling protocols. Our comprehensive security awareness program includes regular training sessions focused on information security and data privacy, along with up-to-date advice on countering emerging threats. Additionally, we provide customized guidance and procedures tailored to specific team roles, empowering our employees to integrate secure practices into their daily operations.
Answers Unveiled: Navigating Through Common Queries
We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.
We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.
We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.
We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.
We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.
SOC2 Type II
Yess is SOC 2 Type II certified, confirming that the product and services Yess provides are mature, robust, and secure, and that we are actively creating an organization that supports these goals.
It also means that our software development processes and practices meet required levels of oversight and monitoring, so we can proactively monitor, identify, and address any unusual activity, remediate it with deep contextual insight, and take corrective action, if and when it is needed.
Contact us
If you have a security question, please contact our Security team at:
Say no to typical sales automation platforms,
and Yess to more revenue.
Convert B2B leads into new sales meetings and go beyond typical sales automation softwares with the world's first hands-off AI pipeline creation agent.