Security Policy
At Consentra, we take the security of your data and our platform seriously. This policy outlines our commitment to protecting your information.
1. Data Protection
We implement industry-standard security measures to protect your data. All information is encrypted both in transit and at rest using state-of-the-art encryption protocols and best practices.
2. Infrastructure Security
- Cloud infrastructure hosted on secure, SOC 2 compliant platforms
- Regular security audits and penetration testing
- 24/7 infrastructure monitoring and threat detection
- Automated backup systems with encryption
- Disaster recovery and business continuity planning
3. Access Control
We maintain strict access controls with role-based permissions, multi-factor authentication, and regular access reviews. All system access is logged and monitored for suspicious activity.
4. Compliance Standards
- SOC 2 Type II certified
- GDPR compliant
- ISO 27001 certified
- Regular compliance audits
- Industry-specific compliance frameworks
5. Incident Response
We maintain a comprehensive incident response plan with defined procedures for identifying, containing, and resolving security incidents. Our team is trained to respond quickly and effectively to any security concerns.
6. Employee Security
- Regular security awareness training
- Background checks for all employees
- Secure development practices
- Confidentiality agreements
7. Third-Party Security
We carefully evaluate and monitor all third-party vendors and partners to ensure they meet our security standards. Regular security assessments are conducted to maintain compliance.
8. Security Updates
Our security measures are continuously updated to address new threats and vulnerabilities. We regularly patch our systems and maintain up-to-date security protocols.