As part of our security program, we review access logs for critical and essential business systems monthly. The goal is to have a control in place so that we are aware of any suspicious activity and ensure we are adding users only as needed and removing access promptly.

External Systems

Simplifya Market Guide

Simplifya Market Guide is a cannabis information resource and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about Simplifya Market Guide.

Simplifya Protect

Our compliance platform is managed by a third-party development shop in Sri Lanka and so they are responsible for reviewing access logs. We are working on a way to have their reviews posted here.

Simplifya Verified (Cannabis)

Simplifya Verified is our license verification app and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about Simplifya Verified.

Simplifya Verified (Hemp)

We are building a version of Simplifya Verified for hemp licenses. Though it is still in beta, it is public-facing and considered in scope for our Security Program. We review user logs monthly and share the results below.

Internal Systems

AWS

Simplifya uses AWS as its system hosting provider. Our AWS environment is managed by our software development shop, Ceylon Solutions. It contains confidential information about our software architecture and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about AWS Identity Access Management (IAM).

Carta

Simplifya uses Carta as its capitalization management provider. It contains confidential information about our investors and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about the security of Carta.

GitHub

Simplifya uses GitHub as its code repository hosting service. It contains confidential information about our software and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about the security of GitHub.

Paylocity

Simplifya uses Paylocity as its payroll service provider. It contains confidential information about our employees and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about the security of Paylocity.

PopSQL

Simplifya uses PopSQL as its SQL Editor. It contains confidential information about usage of our compliance platform and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about the security of PopSQL.

QuickBooks Online

Simplifya uses QuickBooks Online as its accounting service provider. It contains confidential information about our company finances and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about the security of QuickBooks Online.

Stripe

Simplifya uses Stripe as its payment platform. It contains confidential information about our company finances and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about the security of Stripe.

Transamerica

Simplifya uses Transamerica as its 401K provider. It contains confidential information about our employees and is considered in scope for our Security Program. We review user logs monthly and share the results below. Learn more about the security of Transamerica.