ThreatSwitch lives in AWS GovCloud, which is designed to store sensitive data related to national security. ThreatSwitch employs the highest FedRAMP certified solution in the cloud.
Data is encrypted both at-rest and in-transit using the latest technologies to keep your data safe.
ThreatSwitch undergoes annual third party SOC2 security audits and penetration testing to guarantee that our services meet the most stringent modern security controls.
At ThreatSwitch, we believe that sensitive customer data should stay that way. We employ strict controls preventing our team from accessing your information, and we never sell or share your information.
When dealing with compliance issues, it is critical that you are able to identify who made changes, when, and how. ThreatSwitch provides customers with a powerful history feature to get the answers you need immediately.
Granular permissions controls including custom roles clearly define and limit data access in ThreatSwitch to protect your information from unwanted modifications.
At least annually, ThreatSwitch performs a review of our core partner providers. In the event these reviews have material findings which we determine present risks to ThreatSwitch or our customers, we’ll work with the service provider to understand any potential impact to customer data and track their remediation efforts until the issue is resolved.
ThreatSwitch has a formal information security program in place that leads an information and Risk Management Committee. The Information and Risk Management Committee meets periodically to review security-related initiatives at the product, the infrastructure, and the company level.
At ThreatSwitch employees undergo comprehensive background checks, sign and follow a code of conduct and acceptable use policy, as well as undergo annual security awareness training.
We also have terms of service for our end users to ensure our customers completely understand how we intend our products to be used.