Trust Center

Security. Compliance. Continuity.​

Call Our Team Today Or
Send Us a Message
PRAXIS Technology Escrow

PRAXIS Technology Escrow protects critical software assets with security-first processes, audited controls, and proven escrow expertise. This Trust Center summarizes our security posture, compliance framework, and the compliance programs of the cloud infrastructure we rely on.

US Based
US-Based Escrow Provider
SOC2 Aligned
SOC2-Aligned Security
Insured
Insured (E&O)
Experience
90+ Years of Experience
Scans
Vulnerability + Pen Testing
Training
Internal Security Training

Compliance and Certifications

SOC 2 (Security and Availability)

PRAXIS maintains a SOC 2-aligned security program designed around the Trust Services Criteria, including documented controls, evidence collection, and ongoing monitoring.

SOC 2 materials and supporting documentation are available upon request (NDA may be required).

Cloud Infrastructure Compliance

PRAXIS’ services are hosted on Amazon Web Services (AWS). AWS maintains a broad compliance portfolio and publishes in-scope services and independent audit reports through AWS compliance resources.

AWS makes many independent audit reports available through AWS Artifact, their on-demand compliance portal.

AWS Assurance Programs

transparent soc3
SOC 1
transparent soc2
SOC 2
transparent soc
SOC 3
transparent iso 27001
ISO 27001
transparent iso 27017 2015
ISO 27017
transparent iso 27018 2019
ISO 27018
transparent pci

PCI DSS

Why US-Based Matters

PRAXIS is a US-based escrow provider. For many organizations, that matters for jurisdiction, enforceability, accountability, and clearer risk management when software is business-critical.

Read: Why Companies Worldwide Choose US Software and SaaS Escrow Providers 

Errors & Omissions Insurance

PRAXIS maintains E&O coverage to provide our clients with financial protection related to the services we perform as a technology escrow agent. Maintaining E&O insurance is part of our commitment to responsible operations, risk management, and accountability to the organizations that trust us to safeguard their software assets.

Security Overview

How we protect escrowed materials

Security at PRAXIS is built into how we operate, not added at the end. We combine controlled procedures, least-privilege access, monitoring, and secure cloud infrastructure to protect escrow materials throughout deposit, storage, and release workflows.

  • Role-based access controls
  • Least privilege access model
  • Documented release procedures and approvals
  • Defined deposit handling procedures
  • Audit trails and administrative logging
  • Change control for production systems
  • Resilient cloud infrastructure
  • Documented incident response and recovery processes
  • Operational readiness practices to support continuity

Controls

  • Controlled handling of escrow materials
  • Access restrictions by role and business need
  • Administrative logging and auditability

PRAXIS maintains documented procedures for receiving, handling, storing, and restricting access to escrow materials. Access is granted based on role and job requirement, and key actions are logged to support auditability and investigation.

  • Hosted on AWS
  • Segmentation and access controls
  • Monitoring and alerting

PRAXIS leverages AWS-hosted infrastructure and aligns internal controls to the shared responsibility model, with operational controls and access practices designed to support security and availability.

  • Vulnerability scans
  • Penetration testing
  • Remediation tracking

We perform vulnerability scanning on a defined cadence and conduct penetration testing to validate real-world exposure. Findings are tracked through remediation, prioritized by severity and risk.

  • Security training for team members
  • Security policies and SOPs
  • Incident awareness and escalation practices

Security training is part of our internal operating rhythm. Team members follow documented procedures for sensitive data handling, access management, and incident reporting.

  • Periodic risk reviews
  • Vendor and third-party oversight
  • Policy governance and ownership

PRAXIS maintains a risk-based approach to governance, including periodic reviews, policy ownership, and oversight of key third-party providers supporting the service.

  • Errors & Omissions (E&O) insurance
  • Defined escalation paths
  • Documented client support procedures

PRAXIS maintains E&O insurance and formal escalation procedures to support timely resolution of operational and security concerns.

Trust Documents

Public Documents

Available Upon Request

  • SOC 2 Report
  • Pen Test Executive Summary 
  • Incident Response Policy
  • Vendor / Subcontractor List
  • Certificate of Insurance
  • Form W9
  • Bank Letter
Request Documents