Altora Trust Centre

Altora takes security very seriously, we have a number of Defence, Government and data security industry clients that trust us with their data.

A partner you can trust.

Altora use a combination of enterprise-class security features and comprehensive audits of our applications, systems, and networks to ensure that your data is always protected.


We protect your data with encryption in transit and at rest while maintaining integrity, availibility, confidentiality and security of your organisation’s data.


Altora’s products are designed for high performance and availability, delivering our customers best-in-class core technologies that are stable and secure at scale.


With ever-increasing security challenges, we adhere to global, regional, and industry standards to meet compliance and regulatory requirements.


We respect each individual’s privacy and are committed to protecting it through our product, infrastructure, and data governance.

Operational Security

Altora cloud products and data are hosted on industry-leading cloud provider Amazon Web Services (AWS). Our products run on a software as a service (SaaS) environment that is built on a single core infrastructure.

an infographic of an iso in australia


We only use state of the art data centres and cloud providers. Our platform is built on Enterprise grade scalable infrastructure 24/7 monitoring for all aspects of operational security and performance. Equipped with state-of-the-art security such as biometrics, sensors for intrusion detection, key cards, and around-the-clock interior and exterior surveillance.

Physical access to the data centre is restricted to only individuals who require access to maintain systems needed to support the platform. There are several levels of access control that are logged and monitored, personnel are police checked and character referenced checked. The access is dependent on the seniority of the personnel.


Our data centre provider is certified to the following compliance standards: HIPAA, PCI-DSS, SOC 1 Type 2, SOC 2 Type 2, ISO 27001 and FISMA/NIST.

Our cloud provider has the following certifications: PCI-DSS, ISO 27001, SOC 1 / 2 / 3, IRAP, ISO 27018 and ISO 9001.

Application Security

Our application has been designed with focus on security, employing best software engineering practices, encryption technologies and security assurance.

a infographic with a shield and other icons


To protect data, we encrypt information in transit over public networks using TLS 1.2 to protect it from unauthorised disclosure or modification. Data stored on servers holding customer data use full disk, industry standard AES-256 encryption at rest. Cloud systems are protected using next-generation threat protection software.


Measures are put in place to segregate every customer’s data from each other. This means while our customers share a common cloud-based IT infrastructure when using Altora’s products, that any actions of one customer cannot impact or compromise the data or service of another customer.


We protect and ensure the integrity of sessions and authentication credentials by building in protection mechanisms such as the following:
  • Two-factor authentication (2FA) is designed to prevent anyone but you from accessing your Altora account, even if they know your password.
  • We enforce a password complexity standard and passwords are also asymmetrically encrypted; this security method is stronger and uses a strong salted hash.


All key actions on the application are centrally logged which events can be recalled if needed. Our internal processes define how these alerts are triaged, investigated further, and escalated appropriately. Key system logs are forwarded from each system where logs are read-only.


Our products are designed for high performance and availability.

a man in a hard hat on his tablet


The service is hosted on high-availability servers to meet Altora’s SLA guarantee. Altora’s detailed SLA is available here. The load balancing nature of high availability servers enables maximum uptime and stability for critical system that need to be available near 100%, 24×7. Connectivity is via dedicated fibre and internet via multiple tier-one service providers. Data is backed up daily off-site with disaster recovery procedures in place including several copies in encrypted archives.


We use Amazon Web Services (AWS) as a cloud service provider and its highly available data centre facilities in multiple regions worldwide. Each AWS region is a separate geographical location with multiple, isolated, and physically separated groups of data centres known as Availability Zones (AZs).

We leverage AWS’ compute, storage, network, and data services to build our products and platform components, which enables us to utilise redundancy capabilities offered by AWS, such as availability zones and regions.


We operate with comprehensive procedures with disaster recovery and business continuity plans. Our backup measures are designed in line with system recovery purposes.

Automated AWS Snapshots are backed up daily, encrypted using AES-256 encryption. This backup data is not stored offsite but is replicated to multiple data centres across multiple available AWS zones.


Our commitment to data protection and privacy


We use several security controls to protect our application from intrusions and breaches. Each account’s data is separately stored from one another using unique identifiers and authentication technologies.

Your data is always safe as we do not give, rent, or sell this data to anyone else, nor do we make use of it ourselves for any purpose other than to provide our services. More information can be seen on our privacy policy.

altora logo with some network artifacts
We’re trusted by hundreds of Australian businesses.
icon-angle icon-bars icon-times

Request a Demo

We’d love to learn about your business needs.

Clicking this button signifies that you have read and agreed to our Terms and Privacy Policy.