Trust & Security
At insightsoftware, we value and prioritize product security, data privacy, and regulation compliance, and build our solutions with reliability and security at their core. We invested significant resources, time, and effort to design an Information Security Management System (ISMS) that ensures Confidentiality, Integrity and Availability (CIA) of our services and privacy of our customer data.
Our cloud solutions encrypt data in transit and at storage using strong TLS encryption ciphers and AES-256. Cloud systems are protected using next-generation threat protection software.
Systems are evaluated and secured via our vulnerability management program, which includes scheduled scans and external attack surface / dark web monitoring. Public vulnerabilities are posted to our Security Advisories page.
Secure Software Development
insightsoftware’s secure software development lifecycle incorporates static code analysis, vulnerability scanning, and independent third-party penetration testing.
insightsoftware’s cloud products are designed for high performance and availability and built on best-in-class core technologies, such as AWS and Microsoft Azure. Automated backups are regularly scheduled and encrypted, and our services have documented disaster recovery and business continuity plans.
Security Incident Response
insightsoftware maintains a thoroughly documented incident response plan, which includes incident reporting, roles and responsibilities, prioritization, escalation, and remediation. We swiftly isolate the incident, reduce any impacts, and quickly communicate our actions to any affected customers.
Security is everyone’s responsibility at insightsoftware. All insightsoftware employees and contractors are required to take regular security awareness training and acknowledge our security policies. Employees are frequently tested with simulated phishing attacks.