Rise Vision Information Security
We understand the importance of maintaining security of our customer's data, and our commitment is demonstrated by our SOC 2 Type II attestation. This independent audit verifies that we have implemented controls and procedures to safeguard our customers’ data.
Visit our security portal to access our SOC 2 report and to learn more about our information security program.
If you believe you’ve discovered a security issue please let us know by emailing email@example.com.
We leverage Google Cloud Platform (GCP), a secure and reliable cloud infrastructure provider. GCP provides us with a range of security features and controls that allow us to secure our systems and data at every layer of the technology stack.
Policies and procedures, including background checks and security awareness training have been implemented to protect our customers’ data.
We adhere to role-based access controls (RBAC) and the principles of least privileged access for all systems. User access reviews are performed frequently and revoke access when no longer needed.
Software development at Rise Vision adheres to strict requirements that follow industry best practices, including but not limited to:
- Design review to ensure security requirements are incorporated.
- Static and automated testing for all code changes.
- Required peer review before changes can be deployed to production.
- Ongoing secure code training based on the OWASP Top 10.
Monitoring and Logging
We monitor our systems and applications for suspicious activity and maintain logs to help us identify and respond to security incidents.
All data is encrypted at rest and protected by Transport Layer Security (TLS) when in transit.
Penetration tests are performed at least annually by a qualified 3rd party.
We have implemented a risk management program to identify, assess, and mitigate potential risks to our business, our customers, and their data.
We have plans in place to ensure that our services can be restored promptly in the event of a disaster or other disruptive event.