Security Addendum

This Security Addendum (“Addendum”) supplements the Enterprise Terms or other agreement that specifically incorporates this Addendum (the “Agreement”). Capitalized terms not defined herein have the meaning set forth in the Agreement.

Vidyard maintains a risk-based information security program designed to protect Customer Content and Viewer Data against unauthorized or accidental loss, destruction, or damage, consistent with industry standard practices, and Vidyard’s SOC 2 Type 2 attestation.

The security measures implemented by Vidyard include, but are not limited to, the following:

1. Encryption of data

  • Vidyard encrypts Customer Content and Viewer Data in transit and at rest using industry standards appropriate for the method of storage or transfer, including TLS 1.2+ and AES-256 encryption.

 

2. Confidentiality, integrity, availability, and resilience

Vidyard maintains a comprehensive information security program aligned with ISO/IEC 27001 and NIST 800 guidance. Controls include:

  • Role-based access control (RBAC) and least privilege enforcement
  • Annual risk assessments for third parties and critical vendors
  • At least quarterly vulnerability scans and annual penetration tests
  • SOC 2 Type 2 external audit covering Security, Availability, and Confidentiality

 

3. Data availability and access

  • Daily backups replicated across AWS regions, encrypted and monitored
  • Business Continuity & Disaster Recovery Plan tested annually
  • Incident Response Plan ensuring rapid detection, containment, and recovery

 

4. Processes for testing, assessing, and evaluating effectiveness

  • Penetration tests at least annually
  • Continuous monitoring and centralized logging (including SIEM, code security, and compliance) using enterprise monitoring and logging tools
  • Annual SOC 2 Type 2 audit
  • Regular periodic vulnerability scans

 

5. Identification and authorization of Vidyard personnel

  • Vidyard personnel each have unique user IDs, passwords, and multifactor authentication for all access to production services.
  • Access to production services is granted to Vidyard personnel in accordance with a documented approval workflow, and entitlements are reviewed on a periodic basis.
  • Personnel are deprovisioned within 24 hours of termination of employment.

 

6. Protection of data in transit and at rest

  • Customer Content and Viewer Data transmitted over public networks are encrypted end-to-end using TLS 1.2+.
  • Customer Content and Viewer Data are encrypted at rest and in transit. Backups are encrypted and access controlled.

 

7. Platform physical security

  • Vidyard’s services are hosted on enterprise-grade cloud computing providers, which undergo independent audits (e.g., SOC 2/ISO 27001) regarding their physical security measures. Vidyard reviews these certifications at least annually.

 

8. Event logging

  • All production endpoints generate logs forwarded to enterprise monitoring tools for security monitoring and analysis. Critical events are integrated with Slack for real-time incident response.
  • Audit logs capture all changes to sensitive configurations with timestamps, user IDs, and device/IP details. Logs are protected from modification.

 

9. System configurations

  • Workstations and production equipment are centrally managed via MDM tools. Systems are monitored for compliance, patched, and configured against baseline security standards.

 

10. IT and security governance

  • A dedicated IT & Security team oversees policy enforcement, vulnerability management, incident response, and compliance monitoring.

 

11. Certification/assurance of processes

  • Vidyard undergoes annual SOC 2 Type 2 examinations for Security, Availability, and Confidentiality. Policies and technical controls are reviewed and updated at least annually.

 

12. Employee Security Training

  • All employees of Vidyard receive annual security training and are subject to confidentiality obligations under their employment agreements. Vidyard employees are also required to comply with Vidyard’s internal security policies. Executive summaries of these policies are available on the Trust Portal (trust.vidyard.com).