Enterprise-grade Security and Control

Cogram is SOC 2 Type II certified and undergoes annual penetration testing. This page provides an overview of the organisational and technical security measures at Cogram.

AI and ML Policy

No training of AI
Cogram does not use customer data to train AI or machine learning models.
Human review of AI-generated content / no automatic sharing
Meeting notes or reports drafted by Cogram are accessible only to the Cogram user and are not automatically shared with others.

Product Security

Multi-Factor Authentication
Two-factor authentication can be enabled by individual users or enforced on an organizational level.
Single Sign-On (SSO)
Cogram supports authentication via SAML-based SSO (2.0).
Role-based Access Controls (RBAC)
Use RBAC to manage permissions based on user roles at the organization-wide, group-wide, or user level.

Data Storage

Encryption
Industry-standard security policies, including Transport Layer Security (TLS) for data in transit and AES-256 encryption for data at rest.
Custom Data Retention Timelines
Automatically delete data after custom retention timelines or manually on request.
Regular backups
Data is automatically backed up to enable recovery in case of an incident that leads to loss of data.
Custom Data Storage Locations
Cogram can support data storage in a geography of the customer's choice.

Advanced Deployment Options

Dedicated Instance

Services hosted by Cogram on a dedicated virtual server reserved for a single customer's use
Dedicated resources allocated solely for your use. Full control over configurations to optimize Cogram specifically for your requirements.
Isolation
Data isolation and ability to implement tailored security measures that meet industry-specific data storage requirements.

Private Cloud Storage

Cogram's core database hosted in your private cloud
Host Cogram's core database in an enterprise private cloud environment on Microsoft Azure, Amazon AWS, or Google Cloud.
Compliance and flexibility
Store critical data in your cloud environment while delegating processing to Cogram's cloud services, to combine the control of private cloud storage with the flexibility of SaaS.

Private Deployment

To meet the most stringent compliance requirements
Deploy an entire Cogram instance in your enterprise private cloud environment for private cloud storage and processing.
Configurable Scoped Access Rights
Optionally manage updates and enable outside support by provisioning custom scoped access rights for Cogram.

Legal

Subprocessors
Cogram uses a minimal set of subprocessors consisting only of services strictly required for product performance.
Technology and Cyber Insurance
Insurance policies that cover security incidents.
Custom Master-Services Agreement (MSA), Data Processing (DPA), and Service-Level (SLA) Agreements
Beyond Cogram's standard MSA and DPA, Cogram can work with custom DPAs and SLAs.

Compliance and External Audits

Penetration Testing
Cogram commissions annual penetration testing by an experienced third-party provider.
SOC 2 Type II
Cogram is SOC 2 Type II certified.
GDPR, HIPAA, and Custom Requirements
Cogram complies with the GDPR and can execute a Business Associate Agreement (BAA) under HIPAA.