Skip to main content

Theta Lake Recognized as a Visionary in 2025 Gartner® Magic Quadrant™ for DCGA Solutions. Download the report

Security Architecture

Theta Lake’s SOC 2, Type 2-audited Compliance Suite is a purpose-built platform that provides automatic detection of regulatory, privacy, and cybersecurity risks in audio, video, chat and other collaboration content. Theta Lake deploys industry-leading security and compliance controls to protect the security, confidentiality, and availability of information stored on the platform. The solution’s technical design is based on our Secure in Transit, Architecture, Rest, Redaction, and Removal (“STAR3”) architecture. Theta Lake’s staff includes privacy practitioners with CIPP/E and CIPP/US certifications as well as CPA, CISA, CISSP, and other security credentials.
HIPAA

Theta Lake has implemented controls to comply with the Security Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and secure electronic protected health information (ePHI).

SOC Compliant

Theta Lake has achieved the SOC 2, Type 2 Report for its Compliance Suite. Theta Lake’s System and Organization Controls (SOC) Report is an independent third-party examination report that demonstrates how Theta Lake achieves key compliance controls and objectives. The purpose of this report is to help our clients, prospective clients, and their auditors understand the Theta Lake controls established to support operations and compliance.

sheild 1 min

ISO 27001
Theta Lake has implemented technical and organizational controls to align with the ISO 27001 information security management standard.

A-Lign PCI DSS

Theta Lake’s Compliance Suite has been evaluated by an independent, third-party auditor and is compliant with Payment Card Industry Data Security Standard (PCI DSS) for processing credit card data.

Badge Committed 5d63947d

Theta Lake has completed the EcoVadis Sustainability Assessment.

Validated by Trusight badge

Theta Lake completed TruSight’s third-party risk assessment as part of its ongoing efforts to align with financial services industry security best practices.  Theta Lake’s report is available to TruSight customers upon request by contacting thirdparty@trusightsolutions.com.

Validate Theta Lake’s cloud-native security posture and key compliance frameworks in our customer Trust Center

Request a Demo
Infrastructure Security

Encryption

All data is encrypted in transit and at rest. Customer-specific 256-bit encryption keys required for access and customer has the option to manage keys independently using Amazon Web Services or Microsoft Azure key management services.

Secure Data Ingestion

Content ingested through customer-authorized APIs and services, or customer-controlled SSL-only uploads

Cloud Service Security

Protection of our app against SaaS account takeover, malware, and zero-day attacks targeting cloud infrastructure including container level vulnerability scanning

AWS and Azure Security Certifications

Hosted in dedicated server environments at AWS and Azure, which are certified pursuant to multiple compliance and security regimes, such as SOC, ISO, CSA, and others.

Retention Controls

Customers retain full control over retention and disposition of information in SEC 17a-4, WORM compliant archive

Security and Compliance for Modern Collaboration Platforms

SCHEDULE A DEMO

COPYRIGHT 2025 THETA LAKE, INC. ALL RIGHTS RESERVED.
PRIVACY POLICYCOOKIE POLICY

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, to this research, including any warranties of merchantability or fitness for a particular purpose. GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and MAGIC QUADRANT and PEER INSIGHTS are registered trademarks of Gartner, Inc. and/or its affiliates and are used herein with permission. All rights reserved. Gartner, Gartner Magic Quadrant for Digital Communications Governance and Archiving, Michael Hoeck, Rizvan Hussain, Jeffrey Hewitt, January 8 2025. This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Theta Lake.