How SuiteSpot Maintains Your Privacy and Security
We ensure the safety of your personal information by employing cloud-security protocols. Here's the breakdown:
We leverage cutting-edge technologies to guarantee the security of your personal information, incorporating firewalls, security controls, and encryption. Our stringent access controls and policies are implemented to ensure that only thoroughly vetted and authorized individuals can access your personal information. We consistently monitor potential threats to information security, allowing us to promptly address any issues that may arise.
Data Security Compliance
Ensuring compliance is just as crucial as maintaining robust security when it comes to the collection, storage, and utilization of your personal information. SuiteSpot is committed to certified compliance with globally recognized security standards, including:
SOC 2: SuiteSpot undergoes regular SSAE 18 SOC II audits to uphold our commitment to security. The results of these audits are encapsulated in an updated SOC 2 attestation report, which we are willing to share with customers under the terms of a Non-Disclosure Agreement (NDA). Feel free to request our latest SSAE 18 SOC 2 attestation report for your assurance.
Cloud Security
SuiteSpot implements stringent cloud-security measures to ensure the protection of your personal information against hackers, cyber attacks, data breaches, and other potential threats. Our platform is hardened through a combination of various technologies and policies designed to safeguard your data.
Cloud Hosting: SuiteSpot leverages Amazon Web Services (AWS), a certified provider with ISO 27001:2013 accreditation and an SSAE 18 SOC 2 Type II audit report. Explore further details about AWS compliance.
Encryption during Transit and Storage: Every piece of personal information undergoes encryption, employing HTTPS/TLS for transit and AES-256-bit encryption for storage. Our encryption procedures adhere to industry standards and undergo regular audits to maintain the utmost level of security.
Network protection: SuiteSpot safeguards its network by employing AWS security services, integrating with Web Application Firewall (WAF)-protected networks, and conducting regular audits. These audits monitor and/or block recognized malicious traffic and network attacks. Additionally, SuiteSpot employs robust password authentication and implements Multi-Factor Authentication (MFA) to control access to its production environment.
Dedicated security team: SuiteSpot’s security team is available 24/7 to respond to security alerts and events.
Incident response: In the event of critical system alerts, our 24/7 team members receive immediate escalation. SuiteSpot's security operations team is well-versed in security-incident response processes, encompassing communication channels and escalation paths.
Secure architecture zones:
SuiteSpot's network security architecture incorporates multiple security zones. Sensitive systems, such as database servers, receive protection within our most secure zones.
Network vulnerability scanning: SuiteSpot regularly scans its network for potential vulnerabilities.
Application Security
Ensuring application security is a paramount concern for us right from the inception of the software development process. We undertake essential measures to mitigate security risks, concurrently adhering to relevant regulatory requirements, providing both you and us with peace of mind.
Quality assurance: SuiteSpot’s Quality Assurance (QA) department reviews and tests our applications’ code base.
Software Development Life Cycle (SDLC): SuiteSpot follows a Software Development Life Cycle to guide how our solutions are built, tested and produced. SuiteSpot establishes specific milestones for developers to carry out various testing phases, including QA, static code analysis, and peer reviews. These measures are implemented to guarantee that our solutions adhere to consistent performance and security standards.
Third-party penetration testing: SuiteSpot employs third-party security experts to perform penetration testing on the native mobile apps and platform infrastructure.
Separate environments: SuiteSpot testing and staging environments are logically separated from the production environment.
Product Security Features
While our solutions are in operation under the supervision of local app administrators, the security remains intact at the permission level. Our inherent product security features empower local customer administrators to oversee and authorize permissions, mandating identity verification for all users. This functionality contributes to maintaining the safety and security of their most sensitive information and networks.
Single Sign-On (SSO): SuiteSpot supports Single Sign-On via Security Assertion Markup Language (SAML), a login standard that controls access to our apps, upon request. We integrate with Micorsoft Azure AD and Okta, a market-leading identity security cloud provider.
Secure Screening & Hiring Practices
SuiteSpot invests significant effort in ensuring that individuals responsible for constructing and maintaining our software products possess the necessary skills, certifications, knowledge, and/or experience essential for the task. The following are some of the measures we take to ensure we engage the most suitable individuals for the job:
Background checks: SuiteSpot performs background checks on new employees in accordance with local laws.
Security awareness policies: SuiteSpot employees receive regular security training, covering topics like information security and data privacy.
.png)
.png)
.png)
.png)
