Skip to Content
PoliciesSecurity Policy

Security Policy

Effective: August 19, 2024

This Security Policy (“Policy”) outlines the security measures and practices implemented by Computrols, Inc. (“we,” “us,” or “our”) to protect the confidentiality, integrity, and availability of the data and systems associated with our software-as-a-service (“SaaS”) platform (referred to as the “Services”). We are committed to maintaining a secure environment for our users’ information.

Information Security Governance

We have established a comprehensive information security governance framework that includes policies, procedures, and controls to ensure the ongoing protection of our Services and user data. This framework is reviewed and updated regularly to address evolving security threats and industry best practices.

Access Control

We implement strict access controls to ensure that only authorized individuals have access to our systems and data. This includes:

a. User authentication: Users are required to use unique and strong passwords, and multi-factor authentication (MFA) is encouraged to provide an additional layer of security.

b. Role-based access control (RBAC): Access rights are assigned based on job responsibilities, limiting access to only what is necessary for individuals to perform their duties.

c. Regular access reviews: Access permissions are periodically reviewed and revoked as needed when users change roles or leave the organization.

Data Protection

We take appropriate measures to protect the confidentiality and integrity of user data. This includes:

a. Encryption: User data is encrypted during transit and at rest using industry-standard encryption protocols.

b. Data backups: Regular backups are performed to ensure data can be restored in the event of data loss or system failures.

c. Data minimization: We only collect and retain the minimum amount of data required to provide our Services, and we do not store sensitive payment information.

System Monitoring and Logging

We employ monitoring tools and techniques to detect and respond to security incidents in a timely manner. This includes:

a. Intrusion detection and prevention systems (IDS/IPS): We utilize IDS/IPS to monitor network traffic and identify potential threats or unauthorized access attempts.

b. Log management: We collect and analyze system logs to identify any suspicious or abnormal activities.

c. Incident response: We have established incident response procedures to ensure a prompt and effective response to security incidents.

Regular Security Assessments

We conduct regular security assessments, including vulnerability scanning and penetration testing, to identify and address any potential vulnerabilities or weaknesses in our systems. We work to promptly remediate any identified vulnerabilities and regularly update our security controls to protect against emerging threats.

Employee Security Awareness

We provide ongoing security awareness training to our employees to ensure they are knowledgeable about best practices, potential threats, and their role in safeguarding user data. Employees are required to adhere to our security policies and procedures.

Third-party Security

We carefully evaluate the security practices of third-party service providers that we engage with and ensure they meet our security standards. We enter into appropriate agreements with these providers to protect the security and confidentiality of user data.

Compliance with Laws and Regulations

We comply with applicable data protection and privacy laws and regulations, including but not limited to the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

Security Incident Reporting

We have established procedures for reporting security incidents. If you suspect a security incident or have any security concerns, please report it immediately to our designated security contact.

Policy Review and Updates

This Security Policy is reviewed periodically and updated as necessary to reflect changes in technology, security threats, or legal and regulatory requirements.

Contact Us

If you have any questions or concerns about our Security Policy or the security of our Services, please contact us at techsupport@computrols.com.

Acknowledgment

By using our Services, you acknowledge that you have read and understood this Security Policy and agree to comply with its provisions.

Privacy PolicyTerms of Service