Technical and Organizational Security Measures
At Corsearch, we prioritize the confidentiality, integrity, and availability of our information assets, recognizing the importance of maintaining a secure digital environment for our customers. Our commitment to information security is reflected in both our technical measures and organizational practices, ensuring that we safeguard confidential data, including personal data, and protect against existing and emerging cyber threats.
• Robust Encryption: We employ state-of-the-art encryption protocols to ensure that all confidential information exchanged between our customers, users and our systems remains confidential.
• Firewalls: We deploy network firewalls to monitor and control incoming and outgoing traffic, preventing unauthorized access, and enhancing our overall cybersecurity posture.
• Regular Software Updates: We continually monitor and update Corsearch Platforms, our software, operating systems and firmware across our laptop and server estates for vulnerabilities.
• Single Sign-On and Multi-Factor Authentication: We deploy Single Sign On (SSO) wherever feasible backed-up with multi-factor authentication to secure user access to our systems and data, whilst enabling immediate revocation of access for leavers.
• Continuous Monitoring and Incident Response: Our systems undergo continuous monitoring, backed by robust incident response procedures, to swiftly identify and mitigate any security incidents, including a Data Breach, minimizing potential impact.
• Information Security Policy: We adhere to a comprehensive information security policy that outlines the roles, responsibilities, and guidelines for our employees, (sub)contractors, and (sub)processors.
• Employee Training and Awareness: All employees receive quarterly training and regular updates on data privacy and security best practices and is kept informed about the latest threats, fostering a security-aware culture throughout the organization.
• Incident Response Plan: In the event of a security incident, including a Data Breach, we have a well-defined incident response plan in place, ensuring a swift and coordinated approach to minimize disruption and protect our assets.
• Vendor Security Assessment: We assess and monitor the data privacy and security practices of our third-party vendors to ensure they align with our stringent data privacy and security standards, safeguarding the integrity of our supply chain.
• Compliance and Legal Obligations: We are committed to complying with applicable legal and regulatory requirements related to data protection and information security, providing transparency and assurance.