Security

Security FAQ

Procurement-safe answers for IT, legal, and operations

A public-safe overview of how Yokly approaches devices, access, oversight, and data handling. Full legal and security detail is available during diligence.

Yokly is built for teams that need trust, control, and operational clarity. This FAQ is designed to answer the common first-pass questions from procurement, IT, legal, and operations teams without replacing executed agreements or diligence materials.

Jump To Topic

Security PostureManaged DevicesAccess ControlTool ModeData SensitivityOversightIncident ResponseRegulated Environments

Frequently asked questions

What is Yokly's security posture at a high level?

Yokly uses company-controlled devices, MFA, VPN, least-privilege access, and tier-based oversight controls designed to match the workflow and data sensitivity involved.

Do you use managed devices?

Yes. Yokly work is performed on company-managed devices with enforced security settings, encryption, and remote-wipe capability.

How do you handle access?

We use least-privilege access, MFA, and controlled provisioning. Access should be limited to the tools and folders needed for the approved workflow.

Do you work in the client's systems or your own tools?

Both models are supported. Client Stack Modemeans Yokly works in the client's tools and licenses. Yokly Toolkit Mode means Yokly provisions a standard toolkit we can train, support, and QA consistently. Basecamp is the operating hub unless otherwise approved in writing.

Client Stack Mode

Work in your tools and licenses

Yokly Toolkit Mode

Standard toolkit provisioned by Yokly

How do you handle different data sensitivities?

Yokly uses data levels from L0 to L3. Associate and Specialized Associate support up to L2. Managed Team supports L3 with stronger safeguards. For regulated healthcare workflows, PHI requires Managed Team plus an executed BAA before handling begins.

L0

Public

L1

Internal

L2

Client-Confidential

L3

Restricted

Tier mapping:Associate/Specialized Associate → up to L2 • Managed Team → L3 with safeguards

Do you use screenshots?

Associate and Specialized Associate use activity and time-log oversight without screenshots. Managed Team may use blurred screenshots and QA sampling where the workflow and controls require it.

Do you support incident response?

Yes. Yokly follows an incident-response process for detection, containment, notification, recovery, and post-mortem follow-up. If there is actual or suspected unauthorized access to client data, Yokly notifies the client within 72 hours of discovery and cooperates with investigation and mitigation.

Response path:

DetectContainNotifyRecoverPost-Mortem

Can you support regulated environments?

Yes, where the correct tier, approvals, and addenda are in place. Regulated data should not be handled before the appropriate agreement terms are executed.

Do you provide legal or compliance advice?

No. Yokly supports approved workflows and controls, but does not provide legal, tax, or medical advice.

Security at a glance

Key security controls that protect your operations

Managed Devices

Company-controlled with encryption and remote wipe

Access Control

MFA, least-privilege, and controlled provisioning

Tier-Based Oversight

Activity logs to blurred screenshots based on tier

Data Levels

L0–L3 categories matched to tier capabilities

Incident Response

72-hour notification with documented process

Secure by Default

Security built into operating model from day one

Need more security details?

For diligence materials, security whitepapers, or specific security questions from your IT or legal team

security@yokly.com

Explore additional security and operational documentation

Trust and Security

Complete overview of security principles, data handling, and incident response.

View full security details →

SLA & Policies Overview

Plain-English summary of service levels, continuity, and operational standards.

Read SLA overview →

How We Work

Client journey, Basecamp operating hub, and the ROP Ramp progression.

See how we work →

Ready to move forward?

Explore our full security documentation or book a call to discuss your specific requirements

Review SLA & Policies →See How We Work →Contact security@yokly.com
Download Security WhitepaperBAA InformationCompliance DocumentationBook a Fit Check