Follow

VisibleThread Cloud Security Policy

VisibleThread Cloud Security Statement

Last updated - Jan 2016

Overview

VisibleThread is committed to protecting your information. We take the measures outlined below to ensure the privacy of your data for both our document analysis product ‘VisibleThread Docs’ and our web content analysis product ‘VisibleThread Web’. The rest of this document covers security elements for both product lines.

Applicability

This policy applies to the following VisibleThread products:

  • VisibleThread Docs - on demand
  • VisibleThread Web - on demand (aka Clarity Grader)

 

Data Center Security

The VisibleThread cloud servers are hosted by Rackspace (NYSE) www.rackspace.com. These servers are located in the continental USA. Rackspace have been awarded the ISO 27001, PCI-DSS , ISAE 3402, SSAE16 Type II SOC1, SOC2 and SOC3 certifications. They provide comprehensive physical and operational security procedures to secure access to our servers.

Secure Communication

All communication between the user and the VisibleThread cloud server is encrypted over SSL/HTTPS. Any attempt to connect over HTTP is redirected to HTTPS.

Password Encryption

Your VisibleThread password is protected by encryption. Once a user has successfully authenticated with the server, a secure cookie is used to identify that user for the lifetime of the session.

Account Isolation

All customer data on our cloud servers is treated as confidential. Each account or sandbox on the VisibleThread servers operates in isolation. Your data is private to you and other users in your sandbox. No data, or user credentials are shared between sandboxes.

Intrusion Prevention

The VisibleThread cloud servers operate behind a firewall designed to prevent unwanted intrusion.

Console access to the servers is restricted via IP and secure certificates.

Anti-Virus

All VisibleThread cloud servers are actively scanned with up to date anti-virus scanners.

Backups

Our cloud servers are backed up on a daily basis. Backups are transferred offsite over secure SSH.

Secure Development Best Practices

The VisibleThread application development teams follows many OWASP (https://www.owasp.org ) secure coding guidelines and run regular Vulnerability and Intrusion Detection Scans on the VisibleThread test servers.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

0 Comments

Article is closed for comments.