Security
Security and Compliance at Systrends
We share our customers’ value for reliability and take extensive measures to meet high standards for cybersecurity
Systrends was built on a culture of security
We aim to go beyond the minimum standards required and regularly exceed the requirements of our customers
Independent Audits
Systrends maintains a SOC 2 Type II attestation that confirms our controls as a cloud service provider are appropriately designed and effectively executed.
Memberships
Systrends belongs to leading cybersecurity associations to maintain a pulse on the latest frameworks, threats, and preventative measures.
Certifications
Members of our team have undertaken rigorous training to ensure our organization remains diligent in identifying and avoiding potential cybersecurity threats.
Application Security
Secure Development
Systrends has a formal Software Development Life Cycle (SDLC) methodology in place that governs the development, acquisition, implementation, changes (including emergency changes), and maintenance of information systems and related technology requirements. Development and Testing environments are separated from the Production environment, and segregation of duties enforce checks and balances to minimize risk.
Vulnerability Testing
Systrends conducts third-party penetration and requires vulnerability scanning at key stages of our SDLC.
Data Encryption
Systrends’ datastores housing sensitive customer data are encrypted at rest. The company uses secure data transmission protocols to encrypt confidential and sensitive data when transmitted over public networks.
Cloud Security
Data Hosting
Customer data is stored in secure facilities, on secure servers, and within secure applications. Systrends’ operates two different data center locations within North America to provide operational redundancy.
Availability and Continuity
Systrends commits to a 99.5% uptime. Systrends’ data centers have robust security systems and redundant mechanical and electrical infrastructure to ensure reliability. Further, Systrends has Business Continuity and Disaster Recovery Plans in place that outline communication plans in order to maintain information security continuity in the event of the unavailability of key personnel.
Enterprise Security
Security Education
Systrends enforces mandatory security education training for all employees and contractors with access to Systrends’ systems. Training is required upon onboarding and annually thereafter. Training includes policies, standards, confidentiality and privacy, physical security, system security, acceptable use, social engineering, and more.
Identity and Access Management
Systrends uses Single Sign On (SSO) and grants employees access to applications based on their role and function. Access is immediately deprovisioned upon termination.