Security and Privacy at Cetaris
Our Security Policy
Cetaris Inc. (“Cetaris”) and its subsidiaries and affiliates are committed to ensuring security and protecting your privacy. Our security and privacy teams establish policies and procedures for this purpose.
We implement the following measures to ensure security:
A. Data Protection
- All data is encrypted in transit, and Cetaris uses TLS v1.2
- All data is encrypted at rest, using AES-256.
- Encryption keys are managed using Azure Key Vault.
B. Product Security
- We collaborate with third-party experts to carry out penetration tests, aiming to detect any vulnerabilities within our system that could potentially impact critical assets.
- We employ third-party tools for ongoing scanning of our applications, systems, and infrastructure to proactively identify and address security risks and vulnerabilities.
C. Enterprise Security
- We have implemented robust access control measures within our organization. At Cetaris, application access is granted to team members based on their specific roles, ensuring appropriate privileges, and access is revoked as soon as a team member’s employment is terminated.
- We maintain centralized management for all our devices, employing mobile device management software and robust anti-malware protection across the board.
- We use secure remote-connection tools to secure protected access to our internal resources.
- Our security team establishes and enforces good security practices and promptly respond to any security incidents that may arise.
- We conduct regular reviews and updates of our security policies and procedures to ensure they remain up to date and effective.
- We are in the process of obtaining a SOC2 Type II attestation, demonstrating our commitment to maintaining strong security and privacy practices. Please reach out to us for further information.
D. People Security
- Cetaris team members are dedicated to upholding security standards. We provide regular training sessions to ensure that all employees are well-informed and equipped with the necessary knowledge.
- We conduct thorough pre-hire background checks on all prospective employees. Additionally, upon joining our team, new members undergo training to familiarize themselves with our security practices.
- We prioritize the security and privacy of our operations by conducting thorough evaluations of all potential vendors. Only after conducting a comprehensive review of their security and privacy practices do we select and engage with vendors to ensure the highest standards are upheld.
Please reach out to [email protected], with your name, email address and request, for further information on our privacy and security practices.