As a trusted service provider, AuditDashboard accepts responsibility for establishing, monitoring, and adhering to robust security controls.
AuditDashboard’s approach to security centers around two main ideas. The first is that we strive to exceed industry accepted standards. The second is that we are fully transparent with and accountable to you, our users. This section outlines some of the controls we have implemented, and the methods we have in place to ensure our product protects your data and your customer’s data.
AuditDashboard’s system architecture is designed in such a way that customer data is always both logically and physically separated from all other customers. Each customer is allocated their own data and storage layer in our environment, and all interactions with customer data are – by design – isolated to the portal the customer has set up.
AuditDashboard enforces stringent network security measures, encrypting all data in transit with 256-bit TLS encryption. We ensure the protection of data between a user's web browser and our platform, strictly adhering to TLS 1.2 or higher.
AuditDashboard protects stored data with robust Data Security controls, utilizing Transparent Data Encryption (TDE) for customer databases and backups, and securing storage with FIPS 140-2 compliant 256-bit AES encryption.
Continuous security testing ensures the reliability of our client portal application and its integrations. We employ static code analysis, software composition analysis, regression, acceptance, and security threat model testing, alongside external penetration and vulnerability audits.
We work with industry leaders in the identity management space to streamline access management for both firms and client users.
AuditDashboard has implemented automated and manual processes to log, inform, investigate and address security-related events in the product, underlying network, and 3rd party integrations. In addition, detailed monitoring and risk assessment procedures are in place to monitor the AuditDashboard program.
Our production systems are managed through a series of automated configuration tools that ensure global consistency with our production deployments across our distributed data centers. All deployments are scripted prior to release and undergo rigorous, layered testing, and an appropriate review and approval.
We actively participate in the security community and work with industry leaders. We obtain industry-accepted certifications and comply with industry standards and regulations. Be assured that your data is secure and compliant with AuditDashboard.