BettrData Information Security Policy
Security Statement
Security Statement
BettrData.io maintains reasonable, technical, organizational and physical security measures to protect the security of Sensitive and Confidential data in transit, at rest, and in storage from unauthorized access or unlawful disclosure. Critical security controls include, but are not limited to, the following:
- Encryption in transit: Sensitive and Confidential data transfers are sent via a secure trans system that is transport layer security (TLS) 1.2 or higher.
- Encryption at rest: All BettrData.io servers, workstations and laptops use advanced encryption standard (AES) 256 disc encryption.
- Outbound files: A secure file transfer platform is used to transfer files outside of the BettrData.io network.
- Inbound files: During transfer, all files sent into the BettrData.io network are verified that they are free of corruption and that the files originated from a known source.
- Database: Company application databases that are externally accessible by web traffic are encrypted and provide a level of identification security using an application specific protocol such as HTTPS. Sensitive and Confidential data in BettrData.io databases is also encrypted from the customer side before being inserted into the database.
- Data segregation: sensitive and confidential data remains in either the on premises deployment of BettrData.io products or secure, cloud environments.
- Data storage: Sensitive and Confidential data is only stored in approved systems, databases, and endpoints (e.g. laptops).
- Cloud storage: Secure and Confidential data is stored in a secure, dedicated cloud environment behind a firewall.
- Production and test environments: BettrData.io sanitizes all production data before use in non-production environments, as applicable.
- Incident management: BettrData.io maintains a process for identifying, managing, and resolving privacy incident in accordance with the BettrData.io incident management policy.