[January 3, 2024]
In addition to curating the most advanced security solutions to deliver the DataEndure Solutions, we are also dedicated to protecting all the data that we collect, in accordance with industry best standards and practices. Our customers demand the highest levels of data security, and many have tested our Solutions to verify that it meets their standards.
We recognize that our customers’ information must be well managed, controlled and protected. To that end, We have a dedicated security team that oversees DataEndure’s information security program, which encompasses high-quality network security, application security, identity and access controls, change management, vulnerability management and third-party pentesting, log/event management, vendor risk management, physical security, endpoint security, physical security, governance & compliance, and people/HR security, disaster recovery and a host of additional controls. Among other things, Our servers are protected by high-end firewall systems, scans are performed regularly to ensure that any exposed vulnerabilities are quickly found and patched, complete penetration tests are performed yearly, customer data is processed and stored at a specific location known to the customer within a specific region such as North America, Europe or Asia, access to systems is restricted to specific individuals based on “need to know” principles and monitored and audited for compliance, We use Transport Layer Security (TLS) encryption (also known as HTTPS) for all customer data transfers, and customers can elect to have all their data encrypted at rest Our Solutions are hosted by AWS, which is independently audited using the ISO 27001 and SOC 2 Type II Standards as described here.
Finally, if you are a customer we ask that you ensure that your administrators of the Solutions ensure sound security practices in maintaining access credentials to your instance of the Solutions, including strong account passwords and access restrictions to your accounts to authorized persons. Where customers become aware of a compromise to any of their account credentials, we ask that you notify us immediately by contacting our Support Team.