S.01
SOC 2 compliance
Gizmo is in the process of achieving SOC 2 Type II compliance.
Security
Safe, secure, and compliant.
Gizmo protects borrower data, loan files, and team workflows from first contact through close. Your customer data stays your customer data.
Inputs
Data boundary
Audit trail
Controls
Borrower NPI
Credit workflows
Loan files
Team access
AI actions
LOS connections
Enterprise-grade security
Mortgage data deserves a tighter operating model. Gizmo is built around clear controls for borrower data, loan files, workflow automation, and the people who touch them.
S.02
App approvals
Control which third-party applications have access to your Gizmo workspace.
S.03
Audit logs
Audit logs automatically keep track of important workspace events over the last 3 months.
S.04
Admin controls
Restrict access to system-level privileges.
Identity management
Keep the right people close to the file. Gizmo supports teams where loan officers, processors, managers, and agents need different access at different moments.
I.01
Single sign-on (SSO)
Authenticate into Gizmo using Microsoft Entra SSO.
I.02
Passkeys
Secure and fast login without having to rely on passwords.
I.03
SAML
Gizmo offers SAML via most identity providers (Okta, OneLogin, LastPass, Auth0, Bitium, and more).
I.04
SCIM
Provision and deprovision users in Gizmo through your identity provider.
I.05
Domain claiming
Add an extra layer of security and keep your teammates in the right workspace.
I.06
Login restrictions
Restrict login to specific methods for added security (Google SSO or email logins).
Privacy
Borrower information should not sprawl across tools. Gizmo brings conversations, documents, pricing, credit, and execution into one controlled workspace.
P.01
NPI-aware workflows
Loan data is treated as sensitive from the first conversation through post-close work.
P.02
Private workspaces
Borrowers, loans, teams, and operational data stay inside their intended workspace.
P.03
Data encryption
Gizmo forces HTTPS on all connections and encrypts data in-transit with TLS 1.2. All data at-rest is secured using AES 256-bit encryption.
P.04
Guest accounts
Invite contractors, external stakeholders, or other members with limited workspace access.
Trust
Need security details for vendor review?
We can share the right security context with lender, compliance, and procurement teams during diligence.