trust center

Yess Trust Center

revenue game

Yess is engineered to provide enterprise-grade security and compliance while ensuring you retain control over your data. Here you can explore Yess’ security measures, policies, and documentation.

Pillars

Authentication and Authorization

Yess adopts stringent authentication and authorization measures to secure access to its systems. We mandate the use of Single Sign-On (SSO) platforms alongside phishing-resistant FIDO2 Multi-Factor Authentication (MFA) for all employee interactions with Yess’ systems. For cloud environment access, Yess employs IAM roles and ephemeral tokens, enhancing security and minimizing risk. Access to both development and production environments is tightly controlled, enforcing strict access controls.

Cloud Security
Architecture

Yess’ cloud security architecture employs immutable infrastructure managed via infrastructure-as-code to ensure a secure and controlled production environment. Our SDLC process, integrated with an automated CI/CD pipeline, enforces strict configuration management, security checks, and audit trails, with mechanisms in place to detect and escalate any unauthorized changes. We leverage cloud-native security features and robust authentication and authorization controls to limit remote access and maintain secure boundaries across our infrastructure. Additionally, Yess utilizes Amazon Web Services for its reliable hosting and computing capabilities, benefiting from Amazon's comprehensive compliance with SSAE-16 SOC 1, 2, and 3, ISO 27001, and FedRAMP/FISMA standards, ensuring our web servers and databases are housed in highly secure data centers.

Encryption

Yess ensures the security of data within its service by implementing encryption both in transit and at rest. We utilize AES-256, an industry-standard encryption algorithm, for securing database instances, including read replicas and backups. Additionally, all data in transit is protected via TLS encryption. For encryption key management, Yess employs cloud-native solutions like AWS KMS, ensuring secure storage and handling of keys. Our automated controls are designed to prevent the storage or transfer of keys through insecure or unauthorized methods, maintaining the highest level of data protection.

Logging and monitoring

Yess has implemented a robust monitoring and security information event management (SIEM) system across its architecture, collecting and analyzing data from various environments to identify potential threats. Based on predefined criteria, alerts are automatically sent to relevant stakeholders through internal communication tools, ensuring swift assessment and action according to the alert's priority. Our global security team is equipped to quickly address these alerts, leveraging a combination of automated processes and human expertise to maintain the integrity and security of our systems.

Annual Third-Party Audits

Yess undergoes annual independent SOC 2, Type II audits for security, availability, and confidentiality.

Endpoint Scanning

All Yess employees and contractor laptops are equipped with software to scan for malicious threats.

Vulnerability Scanning and Penetration Testing

Yess performs at least one penetration test per year, which is conducted by accredited and completely independent information security companies. Vulnerabilities, if found, are addressed immediately.

Security Training

Yess places a strong emphasis on the continuous education of its employees and contractors regarding security and privacy best practices. From the moment of hire, and at least annually thereafter, team members are rigorously trained in confidentiality, data security, and responsible data handling protocols. Our comprehensive security awareness program includes regular training sessions focused on information security and data privacy, along with up-to-date advice on countering emerging threats. Additionally, we provide customized guidance and procedures tailored to specific team roles, empowering our employees to integrate secure practices into their daily operations.

Q&A

Answers Unveiled: Navigating Through Common Queries

What payment methods do you accept?

We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.

How long does shipping take?

We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.

How can I contact customer support?

We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.

What is your return policy?

We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.

How can I track my order?

We accept various payment methods including credit/debit cards (Visa, Mastercard, American Express), PayPal, bank transfers, and other secure online payment platforms. Please note that accepted payment methods may vary depending on your location.

PROVEN COMMITMENT TO SECURITY

SOC2 Type II

Yess is SOC 2 Type II certified, confirming that the product and services Yess provides are mature, robust, and secure, and that we are actively creating an organization that supports these goals.

It also means that our software development processes and practices meet required levels of oversight and monitoring, so we can proactively monitor, identify, and address any unusual activity, remediate it with deep contextual insight, and take corrective action, if and when it is needed.

Contact us

If you have a security question, please contact our Security team at:

GIVE IT A TRY

Say no to typical sales automation platforms,
and Yess to more  revenue.

revenue?

Convert B2B leads into new sales meetings and go beyond typical sales automation softwares with the world's first hands-off AI pipeline creation agent.