Security Practices
At Stride, we take the security of our clients’ and our company’s data very seriously. We believe that it is the responsibility of every company you trust with your data to secure it according to best practices.
Audit Practices
-
Overview
Compiify undergoes security assessments by both internal personnel and our external security firm Agency who perform regular audits to verify that our security practices are sound and to monitor the services for new vulnerabilities discovered by the security research community.
Security Controls
-
Compiify has implemented and will maintain appropriate measures to protect your data against destruction, loss, or unauthorized access. The following security controls are in place.
-
Network Protection
-
Endpoint Detection & Response (EDR)
-
Endpoint Management (MDM)
-
Employee Password Managers
-
Employee Personal Device Protection
-
Multi-Factor Authentication
Monitoring & Logging
-
We understand that even the best software cannot prevent a security incident without 24/7 monitoring. Compiify employs Agency to continuously monitor all security systems, maintain forensic logs, and manage incident response.
-
Dedicated Security Monitoring
-
Security Logs
-
- Endpoint Logging
Personal Security Policy
-
Our employees are our first line of defense, and we provide them with the best available resources to protect themselves, and the data we hold.
-
24/7 Employee Access to security support
-
Employee Personal Device Protection
-
Personal Password Managers
Dark Web Monitoring
-
Compiify uses Agency to monitor the dark web on its behalf for exposure of employee passwords.
-
Dark Web Monitoring
Incident Management
-
Compiify maintains security incident management policies and procedures. In the event of an incident, we will notify all impacted clients, typically by email.
Confidentiality
-
Confidentiality agreements for all employees
-
Customer data deleted upon request or termination
Privacy
-
Complete privacy available here
Business Continuity
-
Recurring and periodic backups maintained
Infrastructure
-
At Compiify we use a variety of third party vendors to support our technology infrastructure and operations. We take the responsibility of selecting and vetting these vendors extremely seriously.
-
All infrastructure security fully-vetted
-
Security assessment performed on all critical-third party vendors
Vendors
-
We use the following subprocessors to manage certain critical infrastructure for our organization. These have been fully vetted, and are listed below:
-
Google Workspace
-
Slack
-
Github
-
Amazon Web Services