Enterprise-grade Security and Control

AI and ML Policy

No training of AI
Cogram does not use customer data to train AI or machine learning models.

Product Security

Multi-Factor Authentication
Two-factor authentication can be enabled by individual users or enforced on an organizational level.
Single Sign-On (SSO)
Cogram supports authentication via SAML-based SSO.
Role-based Access Controls (RBAC)
Use RBAC to manage permissions based on user roles, on an organization-, group-wide, or user level.

Data Storage

Industry-standard security policies, including Transport Layer Security (TLS) for in-transit and AES-256 for at-rest encryption of data.
Custom Data Retention Timelines
Automatically delete data after custom retention timelines or manually on request.
Regular backups
Data is automatically backed up to enable recovery in case of an incident that leads to loss of data.
Custom Data Storage Locations
Cogram can support data storage in a geography of the customer's choice.


Cogram uses a minimal set of subprocessors consisting only of services strictly required for product performance.
Technology and Cyber Insurance
Insurance policies that cover security incidents.
Custom Master-Services Agreement (MSA), Data Processing (DPA), and Service-Level (SLA) Agreements
Beyond Cogram's standard MSA and DPA, Cogram can work with custom DPAs and SLAs.

Compliance and External Audits

Penetration Testing
Cogram commissions annual penetration testing by an experienced third-party provider.
SOC 2 Type II
Cogram is SOC 2 Type II certified.
GDPR, HIPAA, and Custom Requirements
Cogram complies with the GDPR and can execute a Business Associate Agreement (BAA) under the HIPAA.
Advanced Deployment Options

Dedicated Instance

Services hosted by Cogram on a dedicated virtual server reserved for a single customer's use
Dedicated resources allocated solely for your use. Full control over configurations to optimize Cogram specifically for your requirements.
Data isolation and ability to implement tailored security measures that meet industry-specific data storage requirements.

Private Cloud Storage

Cogram's core database hosted in your private cloud
Host Cogram's core database in an enterprise private cloud environment on Microsoft Azure, Amazon AWS, or Google Cloud.
Compliance and flexibility
Store critical data in your cloud environment while delegating temporary processing to Cogram's cloud services, to combine the compliance of private cloud storage with the flexibility of SaaS.

Private Deployment

To meet the most stringent compliance requirements
Deploy an entire Cogram instance in your enterprise private cloud environment for private cloud storage and processing.
Configurable Scoped Access Rights
Optionally manage updates and enable outside support by provisioning custom scoped access rights for Cogram.
Talk to Sales