Industry Standard Security and Compliance
We know you have professional and ethical obligations to ensure that your data is safe. We meet or exceed industry best practices to ensure that your data is accessible to you—and only you.
Tier 3 Data Center
Redundant Internet Connections
Our Tier 3 data center’s internet connection has redundancy. In the unlikely event we experience an outage with our primary internet service provider, we have not just one, but two different backup providers available.
Layers of Physical Security
Multiple layers of physical security ensure that only authorized personnel have access to our systems. We employ video surveillance, RFID security badges, PIN codes, biometric fingerprint scans, and server cabinet locks to maintain the integrity of our system.
Flywire utilizes advanced antivirus to protect your data. We have partnered with Sentinel One to provide cutting edge malware and ransomware protection for our clients. SentinelOne doesn’t need any prior knowledge of an attack to detect it and remediate it. That’s because it applies machine learning and AI to continuously outflank attackers. Always evolving with theever-changing threat landscape, the SentinelOne platform is ready to stop types of attacks that don’t yet exist. So people can work, live, and use technology free from threats and unencumbered by intrusive security.
SSAE 18/ISAE SOC 1 Type 2
This dual-standard report is intended to help Flywire customers and their auditors in evaluating the effect of the controls at Flywire on their financial statement assertions. The SOC 1 report attests that Flywire’s control objectives are appropriately designed and operating effectively.
Flywire is certified under ISO/IEC 27001:2013, which is an auditable international standard that formally outlines requirements for an Information Security Management System (ISMS) to help protect and secure an organization’s data.
SOC 2 Type 2
The SOC 2 report is an attestation report that provides an evaluation of controls specific to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, and availability.
SOC 3 Type 2
The SOC 3 report is a Trust Services Report, and is designed to meet the needs of Flywire customers that want assurance about Flywire’s controls related to security and availability but do not need the level of detail provided in a SOC 2 Report.
Level 1 Service Provider under PCI DSS
Flywire is certified under PCI DSS as a Level 1 service provider. This means that Flywire data centers, cloud infrastructure operations are PCI DSS compliant.
HIPAA / HITECH Security Rule Compliance Report (AT 101)
Flywire data centers and cloud infrastructure meet the stringent requirements for IT compliance with the Health Insurance Portability and Accountability Act (HIPAA) Security Rule. We have implemented the physical, technical, and administrative safeguards to ensure that confidential electronic protected health information (ePHI) is secure.
EU-U.S. Privacy Shield Framework
Flywire is certified under the EU-U.S. Privacy Shield Framework.
Don’t get left behind. Get the flexibility, scalability, and cost-savings the cloud has to offer.
Flywire eliminates the high costs of hardware acquisition. Everything you need to get back up and running is already in place at our data center (and is included in our hosting solutions at no extra charge!)