MODERN PLATFORM, MODERN SECURITY
Comprehensive security at all levels makes the SumTotal Cloud a trusted location for your organizations' most sensitive information. Standards-based security and operational compliance informed by the worlds leading compliance standards. From GDPR-compliance, to regional data sovereignty; we have it covered.
Security & Compliance
Information System Security is more challenging than ever. It is also more important than ever. Protecting your organization’s data is at the core of everything we do from robust role-based access and advanced security permissioning within our applications to comprehensive, standards-based cloud security at every level, at every moment.
Secure from the Start:
Effective Information System Security starts at the very beginning.
- Secure Coding and Design Standards
- On-Going Security Awareness Training
- Static Code Analysis
- 3rd Party Penetration and Application Testing
TLS 1.2 Encryption with modern, secure ciphers. FIPS 140-2-certified storage.
Hardened Systems and Compliance Scanning
Pre-hardened system images, deployed through automation ensures security compliance. Continuous security scanning guarantees things start secure and stay secure.
Realtime system scanning detects suspicious files immediately, including memory-resident risks.
Full network intrusion detection visibility identifies unusual network activity as it happens.
Standards-based security and operational compliance informed by the worlds leading compliance standards.
GDPR is one of the most important privacy frameworks in use today. Using our Data Processing Agreement framework or yours, you can be confident that we remain fully compliant together.
Robust, role-based access controls let you manage who can see what, when. Sophisticated and comprehensive data-access and data-management processes within the SumTotal Cloud makes sure it stays that way.
Data privacy features:
- Data Locality
- Data Segregation between tenants
- Data Not for sale
Unexpected things happen. Our comprehensive planning and a 24x7 team of skilled IT professionals will get services back up and running as quickly as possible.
Day to Day Operations
- ITIL based Change Control
- Purpose-built Architecture
- Data Locality
- Horizontal and Vertical Scalability
Established and tested Recovery Point and Recovery Time Objectives provide you clear expectations. A disaster probably won’t happen, but if it does, you can be confident that you are in good hands and that we will be communicating with you all along the way.