Last updated on June 2026

Uncountable Security

Securing our customers' data is the paramount commitment at Uncountable, ensuring its integrity and confidentiality for authorized users.

Standards:

  • SOC-2 Type II Certification: Subject to rigorous annual external audits for continuous adherence to industry-leading security practices.
  • ISO27001 Compliance: Strict adherence to international standards, providing a robust framework for information security.
  • HIPAA and GxP Compliance: Committed to meeting the stringent requirements for healthcare and pharmaceutical data protection.
  • Privacy Shield Membership: Demonstrated commitment to data protection while participating in the Privacy Shield program.

Data Protection:

  • Confidentiality: Treating customer data as confidential and proprietary, enforcing access controls through role-based mechanisms.
  • Encryption Protocols: Employing AES-256 encryption for data at rest and TLS for in-transit data.
  • Data Segregation: Rigorous schema-level isolation and regular penetration testing to ensure customer data segregation.
  • Data Classification: Classifying data based on confidentiality, proprietary, or other standards enforced with differentiated user access

Web Application Security:

  • Server Audits: Regular audits of web servers to uphold the highest standards of security., including: Content Security Policy, XSS-Protection, HTTP Strict Transport Security, X-Content-Type-Options, and X-Frame-Options.
  • Email Security: Leveraging the AWS secured email service and implementing Sender Policy Framework (SPF) for domain security.
  • File Security Controls: Robust file-sharing mechanisms with per-user controls, malware scanning, and unrestricted file size handling.
  • Application Integrity: Ensuring the Uncountable application cannot be embedded or proxied through external clients.
  • Browser Supports: Supporting all modern browsers and operating systems as well as mobile browsers for iOS and Android.

Authentication:

  • SSO with SAML: Encouraging the use of Single Sign-On (SSO) through Security Assertion Markup Language (SAML) for enhanced account security.
  • Password Security Measures: Enforcing default password strength requirements with optional multi-factor authentication.
  • IP-Whitelisting: Supporting IP-whitelisting to restrict account access to specific, authorized IP addresses.

Deployment:

  • AWS Deployment: Leveraging Amazon Web Services (AWS) infrastructure for deployment, providing a robust and scalable foundation.
  • Global Deployment Options: Uncountable has deployments in the U.S., EU and Japan to accommodate customer preferences.
  • VPC Deployment Option: Optionally deploying Uncountable within a Customer's Virtual Private Cloud (VPC), allowing customers to manage encryption keys.

Auditability:

  • Audit Logs: Maintaining comprehensive admin audit logs to track all system actions.
  • Entity-Specific Logs: Empowering individual users to access audit logs for entities under their management.

Disaster Recovery:

  • Continuity Planning: Implementing a comprehensive disaster recovery and business continuity plan, shared transparently with our valued customers.
  • Public Application Status: Providing a publicly accessible link for customers to check the real-time status of the application.

Updates and Backups:

  • Changelog Publication: Regularly updating the changelog, published on our dedicated support site.
  • Data Backup Practices: Consistent and frequent data backups, including daily database snapshots stored redundantly in multiple cloud regions.

Legal and IP:

  • Customer Data Ownership: Affirming customer ownership of data and content.  Data uploaded to and content in reports exported from the application is owned by our customers.
  • Full Data Exports: Facilitating customer requests for full data exports at any time.
  • GDPR Compliance: Conforming to the General Data Protection Regulation (GDPR) standards for the protection of personal data.

Security Accountability:

  • Third-Party Penetration Tests: Subjecting Uncountable to yearly third-party penetration tests, covering OWASP Top 10 vulnerabilities and more.
  • Network Vulnerability Scans: Conducting regular network vulnerability scans to identify and mitigate potential security risks.

Securing our customers' data is the paramount commitment at Uncountable, ensuring its integrity and confidentiality for authorized users.

Standards:

  • SOC-2 Type II Certification: Subject to rigorous annual external audits for continuous adherence to industry-leading security practices.
  • ISO27001 Compliance: Strict adherence to international standards, providing a robust framework for information security.
  • HIPAA and GxP Compliance: Committed to meeting the stringent requirements for healthcare and pharmaceutical data protection.
  • Privacy Shield Membership: Demonstrated commitment to data protection while participating in the Privacy Shield program.

Data Protection:

  • Confidentiality: Treating customer data as confidential and proprietary, enforcing access controls through role-based mechanisms.
  • Encryption Protocols: Employing AES-256 encryption for data at rest and TLS for in-transit data.
  • Data Segregation: Rigorous schema-level isolation and regular penetration testing to ensure customer data segregation.
  • Data Classification: Classifying data based on confidentiality, proprietary, or other standards enforced with differentiated user access

Web Application Security:

  • Server Audits: Regular audits of web servers to uphold the highest standards of security., including: Content Security Policy, XSS-Protection, HTTP Strict Transport Security, X-Content-Type-Options, and X-Frame-Options.
  • Email Security: Leveraging the AWS secured email service and implementing Sender Policy Framework (SPF) for domain security.
  • File Security Controls: Robust file-sharing mechanisms with per-user controls, malware scanning, and unrestricted file size handling.
  • Application Integrity: Ensuring the Uncountable application cannot be embedded or proxied through external clients.
  • Browser Supports: Supporting all modern browsers and operating systems as well as mobile browsers for iOS and Android.

Authentication:

  • SSO with SAML: Encouraging the use of Single Sign-On (SSO) through Security Assertion Markup Language (SAML) for enhanced account security.
  • Password Security Measures: Enforcing default password strength requirements with optional multi-factor authentication.
  • IP-Whitelisting: Supporting IP-whitelisting to restrict account access to specific, authorized IP addresses.

Deployment:

  • AWS Deployment: Leveraging Amazon Web Services (AWS) infrastructure for deployment, providing a robust and scalable foundation.
  • Global Deployment Options: Uncountable has deployments in the U.S., EU and Japan to accommodate customer preferences.
  • VPC Deployment Option: Optionally deploying Uncountable within a Customer's Virtual Private Cloud (VPC), allowing customers to manage encryption keys.

Auditability:

  • Audit Logs: Maintaining comprehensive admin audit logs to track all system actions.
  • Entity-Specific Logs: Empowering individual users to access audit logs for entities under their management.

Disaster Recovery:

  • Continuity Planning: Implementing a comprehensive disaster recovery and business continuity plan, shared transparently with our valued customers.
  • Public Application Status: Providing a publicly accessible link for customers to check the real-time status of the application.

Updates and Backups:

  • Changelog Publication: Regularly updating the changelog, published on our dedicated support site.
  • Data Backup Practices: Consistent and frequent data backups, including daily database snapshots stored redundantly in multiple cloud regions.

Legal and IP:

  • Customer Data Ownership: Affirming customer ownership of data and content.  Data uploaded to and content in reports exported from the application is owned by our customers.
  • Full Data Exports: Facilitating customer requests for full data exports at any time.
  • GDPR Compliance: Conforming to the General Data Protection Regulation (GDPR) standards for the protection of personal data.

Security Accountability:

  • Third-Party Penetration Tests: Subjecting Uncountable to yearly third-party penetration tests, covering OWASP Top 10 vulnerabilities and more.
  • Network Vulnerability Scans: Conducting regular network vulnerability scans to identify and mitigate potential security risks.

See how Uncountable transforms research & development

Request Demo

By using this website, you agree to our use of cookies. We use cookies to provide you with a great experience and to help our website run effectively. Privacy Policy