Security and Compliance
At Ignify Technologies, our digital trust mission is to protect the information our employees, customers, and partners share with us.
We are proud to have a cyber-resilient culture where employees and contractors are trained on industry best practices so they can act as first line of defense in detecting and preventing cyber-attacks. We also continue to partner with industry experts to implement and improve our technical and procedural controls designed to prevent sensitive data and intellectual property in our care from unauthorized access.
We take the responsibility to protect your information seriously. That is why we have implemented these industry-leading security solutions and practices into our core business operations and product development process.
- Policies and Procedures
- Cloud Workload Protection Platform
- Unified Endpoint Management System
- Identity and Access Management
- Multi-factor authentication
- Data Loss Prevention
- Mobile Device Management
- Vulnerability Management
- Application Security Testing
- Threat Modeling
- Static Code Analysis
- Dynamic Application Testing
- Security Awareness Training
Like many Software-as-a-Service providers, ensuring the security of our platform, supporting systems, and data is a shared responsibility among our team, our trusted cloud service provider, and our customers. With guidance from industry experts Ignify has established a model for SPARK that clearly articulates who is accountable for key security responsibilities across the environment.
Our shared responsibility model covers:
- Physical Security
- Infrastructure Security
- Network Security
- Application Security
- Data Security
- User Security
- Integration Security
- Resiliency
- Privacy and Data Protection
- Compliance
Ignify Technologies complies with SSAE 18 standards and maintains a SOC 2 Type 1 and Type 2 attestation of the SPARK platform.
SOC 2® reports are examination engagements performed by a service auditor
in accordance with SSAE 18 and meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization relevant to security, availability, and processing integrity of the systems the service organization uses to process users’ data and the confidentiality and privacy of the information processed by these systems. These reports can play an important role in:
- Oversight of the organization
- Vendor management programs
- Internal corporate governance and risk management processes
- Regulatory oversight
Use of a SOC 2® report is restricted to user entities, their auditors, and others who have the requisite understanding of the service organization.
You may request a copy of our latest SOC 2 report by contacting compliance@lendwithspark.com
Due Diligence Inquiries
To ensure consistence in our approach and to manage the volume of inquiries we receive from prospective customers and partners, we have prepared a completed SIG Framework questionnaire that we believe will meet the needs for most inquiries.
Customers interested in learning about Ignify’s security and compliance standards can request this pre-filled SIG questionnaire and a copy of our latest SOC 2 report.
Customer Audit Inquiries
Ignify is fully committed to supporting customer audits and ongoing vendor risk assessment requests related to the SPARK platform.
Due to the volume of requests we receive we kindly request that you take advantage of our existing documentation prior to sending us specific information or documentation requests, or questionnaires.
Still have questions?
Please direct inquiries about our digital trust program to compliance@lendwithspark.com
Ready to put SPARK to work?
Take your small business lending to the next level. Find out how.