VividCortex protects our customers' data and privacy with best-in-class security processes and technology. Our comprehensive security program consists of five key components, which ensure the highest standards of protection.
Access Controls - The VividCortex platform provides enterprise-grade capabilities to ensure that access to your organization's VividCortex instance is controlled, managed, and secure. Our Role-Based Access Control (RBAC), Single Sign-On (SSO) and SAML integration allow you to quickly provision, onboard, and revoke users, aligning with your organization's control policies and procedures.
Customer Sensitive - If you have contractual and/or governmental data compliance requirements for managing “Customer Sensitive” data -- such as PCI, ePHI, PII etc. -- VividCortex provides a configurable option to filter Customer Sensitive data. With these options, the data never leaves your server and never enters the VividCortex Cloud environment.
VividCortex employs a dedicated, full-time team of experienced security professionals to safeguard your information and answer any questions that you may have about our security plan, policies, and capabilities. The Director of Information Security manages a formal Risk Management program and reports directly to the CEO and Board of Directors.
For communications pertaining to Security, please email firstname.lastname@example.org. Lastly, our security team frequently posts and discusses security topics on the VividCortex Blog.
The VividCortex security framework is built on the International ISO/IEC 27000 family of standards, in combination with the Cloud Security Alliance (CSA), a guideline tailored to Security SaaS modeling.
The VividCortex Information Security Management System (ISMS) consists of the following components:
The governing principle behind the ISMS is that VividCortex has designed, implemented, and consistently maintains a coherent set of policies, processes, and systems to manage any risks to its information assets.
VividCortex has formal processes to ensure that we are in compliance with our rigorous security policies and procedures, and that our actions result in a strong information management defense. VividCortex routinely undergoes security vulnerability assessments and penetration testing, by both internal staff and third parties. These measures identify potential vulnerabilities and evolve our security stance. Our SOC 2 compliance attestation is in process, and we regularly perform and pass firewall vulnerability testing which meet PCI DSS standards.