Addigy Security & Compliance


Security and Compliance come first at Addigy. Addigy manages Apple Devices in quite literally every corner of the world, and security is paramount. 

Addigy infrastructure has been designed with a cloud-first approach with multiple areas of Microservices.


Addigy Infrastructure Overview


Using only the most trusted Cloud Platforms, Addigy infrastructure is designed and implemented on Amazon Web Services, Google Cloud Platform, and Stripe. 

Addigy requires all leveraged Cloud Platform Vendors to be fully compliant with the following industry standards:

  • SOC 1 (Type 2), SOC 2 (Type 2), and SOC 3 Compliance
  • PCI DSS 3.2 Level 1 (All card numbers are encrypted on disk with AES-256 and stored with Stripe)
  • FIPS 140-2 - for all cryptographic modules and communication
  • ISO 9001 - for all infrastructure
  • ISO 27001 - Security Management Standards
  • ISO 27017 - Cloud Specific Controls
  • ISO 27018 - Personal Data Protection 

More information about Amazon, Stripe, and Google’s Security and Compliance:


https://aws.amazon.com/compliance/

https://aws.amazon.com/security/

https://aws.amazon.com/compliance/shared-responsibility-model/

https://cloud.google.com/security/compliance

https://cloud.google.com/security/

https://stripe.com/docs/security


Addigy performs routine Vulnerability Testing and Penetration Testing to ensure the Addigy Cloud Platform security exceeds expectation.


Addigy Agent and Server Overview


The Addigy Agent requires Administrator permissions to install on a macOS Device. 

Once the Addigy Agent is installed it runs with Administrator-level permissions (root) to perform the tasks necessary to manage the macOS Device. 

The Addigy Agent only asks for instructions from the Addigy Cloud Platform making an outbound connection over port 443 to the Addigy Server. 

No inbound ports are required to use the Addigy Agent on a network. For more information about the specific 443 traffic please see the Addigy Port Usage document.


All Agent-based communication with the Addigy Cloud Platform is strictly over Secure Socket Layer (443) Protocol which is encrypted in transit and at rest.

Addigy Agents use certificate pinning over 443 to ensure trust between the Cloud Platform and Agent.


iOS and tvOS devices do not require an Addigy Agent.


Addigy Agent and Server Diagram


Below is a diagram of how the Addigy Agent communicates with the Addigy Cloud Platform and how authenticated IT Admins access the Cloud Platform.







Please contact security@addigy.com if further information is required.