The SigTech platform is a cloud-native, fully-hosted SaaS platform. The platform is designed to be secure by default with segregation of resources and responsibilities, strong access controls and multi-factor authentication, vulnerability management, and continuous logging and monitoring used to protect our infrastructure at all times. All proprietary data are encrypted both at rest and in transit.
At SigTech, we prioritize the security of our customers’ data, employing a robust, multi-layered strategy. All customer data is encrypted both in transit and at rest using industry-leading standards, and strict access control measures are in place, ensuring only authorized personnel can access data. Regular security audits and continuous monitoring help us identify and mitigate potential vulnerabilities, while we also partner with third-party firms for penetration testing and vulnerability assessments.
We have been awarded certification to ISO 27001 undergoing regular audits by an independent third-party firm. ISO 27001 is the most widely adopted information security standard globally. It’s published by the International Standardization Organization (ISO) and sets out the policies and procedures needed to protect an organization, including all the risk controls (legal, physical and technical) necessary for robust IT security management. By becoming ISO 27001 certified, SigTech reconfirmed its deep commitment to ensuring that adequate security controls are in place to protect customer information and data from being accessed, corrupted, lost or stolen.
We are also fully compliant with the General Data Protection Regulation (GDPR). As we handle personal data from customers worldwide, including those residing within the EU, we have instituted data processing protocols that strictly adhere to GDPR guidelines.
Security is incorporated throughout the entirety of our software development life cycle allowing us to quickly identify and resolve any issues during the development process. We regularly perform threat modeling and internal and external penetration tests in order to identify all risks related to the SigTech networks and applications. Software releases are strictly controlled and follow our standard change management procedures.