We adhere to the same information security standards as our customers, designing our controls based on FFIEC IT Booklets and industry guidelines.
Our IT and Information Security teams not only support internal needs but also serve as auditors, pen testers, and consultants for clients, staying current with industry trends in data security and technology deployment.
We use industry-standard encryption for both data-at-rest and data-in-motion on all storage devices, including cloud-based and physical devices (e.g., laptops). Box Enterprise is our primary tool for securely exchanging documents with clients. In addition to ongoing monitoring per FFIEC guidance, we have enhanced Box’s security and created processes to protect client data. We can provide an infographic outlining these controls.
Our in-house security team conducts annual pen tests on our environment, following industry and regulatory standards, with the report available for client review.
Both IT and security teams regularly assess and reassess our controls using risk assessment tools and methodologies to continuously improve our security posture. We take data protection very seriously.
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.