top of page

Security

Security and Compliance at Systrends

We share our customers’ value for reliability and take extensive measures to meet high standards for cybersecurity

Systrends was built on a culture of security

We aim to go beyond the minimum standards required and regularly exceed the requirements of our customers

Independent Audits

Systrends maintains a SOC 2 Type II attestation that confirms our controls as a cloud service provider are appropriately designed and effectively executed.

AICPA SOC 2

Memberships

Systrends belongs to leading cybersecurity associations to maintain a pulse on the latest frameworks, threats, and preventative measures.

ISACA
(ISC)2

Certifications

Members of our team have undertaken rigorous training to ensure our organization remains diligent in identifying and avoiding potential cybersecurity threats.

CISA
CISM
CISSP

Application Security

Secure Development

Systrends has a formal Software Development Life Cycle (SDLC) methodology in place that governs the development, acquisition, implementation, changes (including emergency changes), and maintenance of information systems and related technology requirements. Development and Testing environments are separated from the Production environment, and segregation of duties enforce checks and balances to minimize risk.

Vulnerability Testing

Systrends conducts third-party penetration and requires vulnerability scanning at key stages of our SDLC.

Data Encryption

Systrends’ datastores housing sensitive customer data are encrypted at rest. The company uses secure data transmission protocols to encrypt confidential and sensitive data when transmitted over public networks.

Cloud Security

Data Hosting

​Customer data is stored in secure facilities, on secure servers, and within secure applications. Systrends’ operates two different data center locations within North America to provide operational redundancy.

Availability and Continuity

Systrends commits to a 99.5% uptime. Systrends’ data centers have robust security systems and redundant mechanical and electrical infrastructure to ensure reliability. Further, Systrends has Business Continuity and Disaster Recovery Plans in place that outline communication plans in order to maintain information security continuity in the event of the unavailability of key personnel.

Enterprise Security

Security Education

Systrends enforces mandatory security education training for all employees and contractors with access to Systrends’ systems. Training is required upon onboarding and annually thereafter. Training includes policies, standards, confidentiality and privacy, physical security, system security, acceptable use, social engineering, and more.

Identity and Access Management

Systrends uses Single Sign On (SSO) and grants employees access to applications based on their role and function. Access is immediately deprovisioned upon termination.

Learn more about our secure electronic filing and data exchange solutions.

bottom of page