AD Security Statement
AccessData’s Approach to Security
For more than 30 years, AccessData customers have relied on our products to ensure compliance and integrity in their environments. Because of this, we take security and compliance seriously and go out of our way to ensure that all aspects of our business meet the complex regulatory requirements our customers are required to adhere to, while being able to trust AccessData as a valuable partner in their forensic investigations, cyber response operations and legal document storage.
How We Approach Security.
AccessData customers require that our software be secure, both operationally on-premises as well as inside of cloud service environments. Every part of our software development lifecycle, and our professional services is done with a security-first mindset. AccessData Group, is a federal government contractor for multiple DoD agencies, working with our forensic and cyber response products, supporting our nations, most critical assets. We also ensure the following:
- Regular security scans of our code base and product offerings.
- Our development organization adheres to best practices and industry standards for ensuring compliance with our code security guidelines and controls.
- Regular security scans of our network infrastructure—both on premises and in the cloud.
- Customer data is isolated and encrypted using key pairs that are only used for single customers and isolated from any cross-customer access.
- Only the bare minimum number of employees have access to customer data, including a documented business reason and regular auditing of access.
- Our customers are protected using the latest technology including but not limited to TLS Certificates, Multi-Factor Authentication methods, and adhering to the best practices for Information Security Compliance.
- Proactive network monitoring and threat detection methods.
- We only use Cloud Service providers who are SOC2 and ISO 27001:2013 compliant.
Organizational Control Certifications.
Our customers have let us know how important it is that their vendors adhere to critical organizational controls. We have heard you. Since the middle of 2019, AccessData has been actively working on obtaining the following auditing and information security certifications:
- HITRUST (on track to have by the end of 2020)
- Service Organization Control (SOC) 2—Type 1 and Type 2 (on track to have early 2021)
- International Organization for Standardization (ISO) 27001:2013 (on track to have by the end of 2020)
More information about our approach to security, and the certification efforts that AccessData is pursuing is can be obtained from your AccessData Account Executive.