1 more topic
- Data Security
- Data Encrypted At-Rest
Sensitive customer data at rest is encrypted using 256-bit Advanced Encryption Standard (AES).
- Data Encrypted In-Transit
All customer data is protected using strong encryption protocols. We ensure all connections to our servers use Transport Layer Security (TLS 1.2/1.3) encryption with the industry-standard AES-256 ciphers for all connections.
- Data Retention Policy
Data collected by Certn is retained for a time period agreed on by both parties and deleted thereafter. However, once deleted, data cannot be restored.
Note: This applies to all data collected by Certn except data that resides in any Certn product or service, data that resides in third party services managed and hosted by third parties, with the exception of the company’s infrastructure provider, data that resides in Certn products or services that are in beta, testing, or an early access program.
- Organizational Security
- Employee Security Training
Each employee, on admission to Certn undergoes a series of training in information security, privacy, and compliance. All employees are required to sign non-disclosure and confidentiality agreements.
The Security team provides additional security awareness updates via email, during internal events and other communication channels to keep everyone updated regarding the security practices of the organization.
- Personnel Screening
Certn performs background checks on all employees (full time and contractors) in accordance with state and federal laws. This is done to verify their criminal records, previous employment records if any, and educational background etc. Until these checks are completed, the employee is not assigned tasks that may pose risks to users.
1 more topic
Sign up to see the rest of Certn's posture and unlock unlimited access.
Unlimited access to the directory allows you to review and compare thousands of security postures sourced from around the web.