Security at SPEC Innovations

Protecting data and supporting secure engineering

Built with security at every layer 

Architecture and processes designed to protect engineering data are fundamental in our platforms.

SPEC Innovations develops Innoslate and Sopatra to support accurate, controlled, and reliable data workflows. Our focus is on data protection, access management, and supporting deployments for commercial, enterprise, and government environments.
AdobeStock_1939822257

Security Approach

 Our approach to security is practical and structured.  

Aligned with compliance standards

Our security practices align with recognized standards, including SOC 2, ISO 27001, and ISO 9001.

These frameworks guide the implementation and maintenance of controls. Independent assessments and ongoing reviews ensure that controls remain effective over time.

This provides additional assurance for organizations operating in regulated environments.

Learn More About Compliance →

Platform architecture and access

Innoslate and Sopatra are designed with controlled access to system data and functionality.

Access is managed through role-based access control (RBAC), allowing organizations to define permissions based on user roles. Authentication ensures that only authorized users can access the system, and permissions are enforced consistently across the platform.

This structure helps ensure that users interact only with data relevant to their responsibilities.

Data protection

Data protection is maintained throughout the system lifecycle.

Data is encrypted in transit using secure protocols and protected at rest within the system. Access to data is governed by permissions, ensuring controlled visibility and modification.

Backup and recovery processes are in place to maintain availability and protect against data loss. These processes support continuity in the event of system disruption.

Monitoring and auditing

System activity is tracked to support visibility and accountability.

Logging and audit trails capture user actions and system events. These capabilities support operational monitoring, troubleshooting, and compliance requirements. Monitoring processes help identify issues and ensure systems continue to operate as expected.

Secure development practices

Security is part of how our platforms are developed and maintained.

Our software is developed and maintained by a team of software engineers who understand security. Our engineers attend regular, required security training. Our team regularly monitors Innoslate to prevent and eliminate any attacks on our systems. All Innoslate development occurs at our facility in Northern Virginia.

All private data exchanged between Innoslate and Sopatra is always transferred over HTTPS. New files uploaded to Innoslate are encrypted using AES. Innoslate’s software architecture prevents application code from writing the filesystem.
 

Deployment and environment flexibility

SPEC Innovations supports multiple deployment models to meet different security requirements.

Innoslate Cloud provides a managed environment with built-in controls. For government and regulated environments, deployments can align with DISA STIG requirements and support IL6-compliant infrastructure. Organizations can also deploy within their own environments for full control over configuration and data handling.

Deployment options may vary by product and environment, but the goal remains consistent: provide flexibility without compromising security.

Learn More About Government and Deployment →

Data Center

Data Center Security 

Innoslate is hosted in geographically distributed data centers that employ a variety of physical security measures. The technology and security mechanisms used in these facilities may vary depending on local conditions such as building location and regional risks.

The standard physical security controls implemented at each data center include the following: custom-designed electronic card access control systems, alarm systems, interior and exterior cameras, and security guards. Access to areas where systems or system components are installed or stored is segregated from the general office and public areas, such as lobbies. The cameras and alarms for each of these areas are centrally monitored for suspicious activity, and the facilities are routinely patrolled by security guards.

Data centers that host Innoslate and Sopatra have successfully completed audits for FedRAMP, SAS 70 Type II, SSAE 16 Type II, ISO 27001, and ISAE 3402 Type II.
 

Frequently Asked Questions

More resources

Collaborate seamlessly to accelerate innovation on a cloud platform that prioritizes safety, security, and compliance.

Contact Support

See why we are rated "Best Support" by G2 in Systems Engineering Software. Talk to our experienced support staff.

Contact Our Support Team →

AdobeStock_493462753

Trust Center

Learn more about security, service agreements, and compliance.

Learn More →

women shaking hands in agreement

On-Premise Deployment

Innoslate Enterprise is the on-premise version that gives you control of your data.

Learn More →

AdobeStock_159911861

Contact Sales

 We can provide documentation and help you evaluate Innoslate and Sopatra for your environment. 

<strong>Contact Us →</strong>