As a trusted service provider, AuditDashboard accepts responsibility for establishing, monitoring, and adhering to robust security controls.
AuditDashboard’s approach to security centers around two main ideas. The first is that we strive to exceed industry accepted standards. The second is that we are fully transparent with and accountable to you, our users. This section outlines some of the controls we have implemented, and the methods we have in place to ensure our product protects your data and your customer’s data.
AuditDashboard’s system architecture is designed in such a way that customer data is always both logically and physically separated from all other customers. Each customer is allocated their own data and storage layer in our environment, and all interactions with customer data are – by design – isolated to the portal the customer has set up.
AuditDashboard implements network security controls which include the encryption of all traffic using the 256-bit TLS transport protocol to protect all data transmitted between an end-user’s Web browser and AuditDashboard’s hosted platform. We honor a minimum of TLS 1.2 connections.
AuditDashboard applies Data Security controls to our data processing in real-time as well as our stored data. Customer Databases are secured using Transparent Data Encryption (TDE), protecting the database and all backups. The storage layer is FIPS 140-2 compliant 256-bit AES encryption, one of the strongest block ciphers available.
Our client portal application and all integrations it shares with other services are tested continually from a security perspective. Including static code analysis, software composition analysis, regression and acceptance-based testing, security threat model testing, and independently conducted penetration and vulnerability audits.
We work with industry leaders in the identity management space to streamline access management for both firms and client users.
AuditDashboard has implemented automated and manual processes to log, inform, investigate and address security-related events in the product, underlying network, and 3rd party integrations. In addition, detailed monitoring and risk assessment procedures are in place to monitor the AuditDashboard program.
Our production systems are managed through a series of automated configuration tools that ensure global consistency with our production deployments across our distributed data centers. All deployments are scripted prior to release and undergo rigorous, layered testing, and an appropriate review and approval.
We actively participate in the security community and work with industry leaders. We obtain industry-accepted certifications and comply with industry standards and regulations. Be assured that your data is secure and compliant with AuditDashboard.