Security at Criteria
The security of our clients, our candidates, and our tests is a top priority at Criteria. To ensure this, we focus on maintaining and investing in the latest advancements in secure technology. We aim to make the Criteria platform as secure as possible – without sacrificing performance or detracting from the user experience.
Compliance and Certifications
Criteria is ISO27001:2013 certified and compliant with:
Criteria is ISO27001:2013 certified as of December 6, 2021. Certification applies to our Los Angeles and Brisbane offices:
Criteria Corp. (Los Angeles)
750 N. San Vicente Blvd. Suite 1500 E. Tower, West Hollywood, CA 90069
Criteria Corp. (Brisbane)
Level 18, 333 Ann Street, Brisbane, QLD 4000
Comprehensive Information Security
To provide our customers with the level of security they expect, we have adopted ISO27001 as our information security management system. With this system in place, you can trust that we will protect your data with the utmost security.
The Criteria platform is hosted entirely on Amazon Web Services (AWS), which boasts robust built-in privacy features and provides end-to-end security. To learn more about AWS security and its features, head to https://aws.amazon.com/security/. AWS is certified SOC 2 Type 2, meaning that they are regularly audited and tested to meet these high security standards.
Criteria customer data is hosted by AWS in secure data centers around the globe. AWS maintains an impressive number of reports, certifications, and third-party assessments to preserve their state-of-the-art data center security.
Your data is housed in tightly-controlled data centers around the world, leveraging both technological security and physical controls to prevent unauthorized access and keep your information safe and secure at all times.
The Criteria data ecosystem is continuously monitored to maintain a high standard of security, availability, and performance that you can rely on. We have automated security testing and use third party penetration testing to stay ahead of potential threats to your data.
All data at Criteria is encrypted at rest using AES-256 encryption.
Technology You Can Trust
We are committed to modern technology, and are always seeking to match the latest and greatest advancements in tech. This commitment allows our platform to be highly scalable, stable, and secure.
The cloud-based nature of our platform makes it possible to increase platform capacity as needed. We employ auto-scaling best practices along with significant investment in serverless technologies to remain on the bleeding edge. This elastic expansion ensures that our servers will never hit capacity and can scale to meet ever-increasing demand.
Since our infrastructure expands dynamically as needed, we are able to support your data needs, regardless of their size or complexity.
The Criteria platform is highly scalable in a highly secure way. We utilize end-to-end encryption, where information is encrypted both at rest and in transit to ensure its protection.
Our infinite scalability enables our stability. Since our infrastructure dynamically updates and scales to meet demand, our application is reliable and redundant under stress, meaning that it won’t crash or fail to meet your needs.
We take security seriously. Our stability, scalability, and commitment to implementing cutting edge security practices protect your data. Along with our vast technical controls, every Criteria employee is trained and held to the same rigorous security practices to prevent data breaches and keep your information safe.
Criteria is GDPR, CCPA, and APP compliant, adhering to and enhancing consumer protection and privacy rights around the world.
Read Criteria’s full Data Processing Addendum to learn how we process and handle your data.
Our commitment to security extends beyond how we maintain our platform – we keep our tests just as secure. We use dynamic testing to mitigate the risk of cheating, employ adaptive testing techniques, and can flag inconsistencies in responses.
Visit Criteria’s Test Security page to learn more.
Questions about Criteria’s security practices or compliance?
Information is a top priority at Criteria throughout our entire platform. If you have any questions about our practices, you can review our Cybersecurity FAQs, or contact us directly.
If you believe you have found a vulnerability or another security concern, send an email to firstname.lastname@example.org.