At Solartis, safeguarding the data, privacy, and operational continuity of our customers is more than a requirement; it's a foundational principle. As insurance carriers, MGAs, and other industry stakeholders increasingly rely on digital platforms for policy administration, we recognize that a robust security posture and transparent compliance framework are essential for trust, scalability, and resilience.
Certified. Audited. Proven.
Solartis operates under a rigorous Security Management System (ISMS) certified to the following global standards:
- ISO/IEC 27001: Information Security Management
- ISO/IEC 27017: Cloud-Specific Security Controls
- ISO/IEC 27018: Protection of Personally Identifiable Information (PII)
- SOC 2 Type II: Trust Services Criteria for security, availability, and confidentiality
These certifications ensure that our systems, processes, and people meet the highest standards in governance, risk management, and data protection.
Centralized Visibility with SIEM Logging
Security Information and Event Management (SIEM) is at the core of our security architecture. Solartis captures logs from all critical systems, applications, and security devices to enable:
- Real-time monitoring and incident response
- Automated alerts based on risk thresholds
- Cross-system event correlation and threat detection
- Detailed forensic audit trails
- Clock-synchronized log data for precision investigations
- Threat detection for anomalies and unusual user/system behavior
Our SIEM framework acts as a centralized nervous system for detecting, analyzing, and responding to security threats in real time—ensuring both prevention and accountability.
Multi-Layered Security Architecture
Solartis employs a defense-in-depth model that covers every layer of our platform and operations:
- Data Protection: TLS 1.2/1.3 encryption in transit, AES-256 encryption at rest, secure key management
- Application Security: Role-based access controls, encrypted session tokens, secure coding practices
- Infrastructure Security: Isolated VPCs (Virtual Cloud Network), enterprise firewalls, high-availability architecture across geographically separate data centers
- Physical Security: Oracle Cloud Infrastructure (OCI) with SOC 2 compliant hosting
- Incident Management: ISO-aligned response plan with escalation paths, audit trails, and regular drills
- Vulnerability Management: Routine scanning, penetration testing, and patch management governed by change control
Patch Management and Release Transparency
Our patching strategy is risk-based and structured for transparency:
- Critical Security Patches: Applied within 24–72 hours
- Platform Patches: Rolled out quarterly within designated maintenance windows
- Service Layer Updates: Delivered via CI/CD pipeline, validated in staging, and deployed with customer coordination
- Multi-Tenant Isolation: Shared services are updated centrally; customer-specific microservices are updated independently
Customer-Centered Security Collaboration
Solartis works closely with our customers to ensure ongoing transparency and flexibility. Our Jira-based ticketing system provides full visibility into support requests, and we are always willing to integrate with your preferred collaboration tools for smoother operations.
In addition to our certifications, we offer direct access to security documentation and downloadable certificates through our website:
🔗 Solartis Security and Compliance Center
The Bottom Line
In an industry where sensitive data and operational reliability are paramount, Solartis doesn't just comply—we lead. Our investment in certified controls, modern infrastructure, and proactive monitoring ensures that your policy administration platform is protected, resilient, and always audit-ready.
Security isn’t a feature. It’s a promise.
