Security
We take the security of your data very seriously at CTO. If you have additional questions regarding security, we are happy to answer them. Please write to security@cloudtechnologyoffice.com and we will respond as quickly as we can. This Security page describes the administrative, technical and physical controls applicable to CTO software and services.
Hosting, Architecture, and configurations
Cloud-Based Services
The cloud-based Enterpris Service Hub (ESH) platform is operated on a multitenant architecture at both the platform and infrastructure layers that is designed to segregate and restrict access to your CTO Organizations data. The authorization and data layers of your ESH Organization are totally segregated from other ESH Organizations using distinct AWS Services. This infrastructure is provided and hosted by Amazon Web Services, Inc. ("AWS"). Information about security provided by AWS is available from the AWS Security website. Information about security and privacy-related audits and certifications received by AWS, including information on SOC reports, is available from the AWS Compliance website.
Self-Hosted Services
For self-hosted CTO services, the services are hosted using your own infrastructure - such as in your own cloud or on-premises — so that you and your users interact with CTO services in your virtual private cloud (VPC) or behind your virtual private network (VPN). In provisioning a self-hosted account of the CTO services, our self-hosted image is built with the latest upstream version of Debian (CTO's base operating system image) with the latest security patches, and updates on a daily-basis.
Confidentiality and Security Controls
Confidentiality
CTO places strict controls over its employees' access to Customer Data. The operation of CTO services requires that some employees have access to the systems which store or process this information and data. For example, in order to diagnose a problem you are having with the CTO services, we may need to access your account. These employees are prohibited from using these permissions to view Customer Data unless it is necessary to do so. We have technical controls and audit policies in place to ensure that any access to your account is logged.
All of our employees and contract personnel are bound to our policies regarding confidentiality and we treat these issues as matters of the highest importance within our company.
Protection of Customer Data
While the protection of Customer Data is a joint responsibility between you and CTO, CTO will implement and maintain appropriate technical and organizational measures designed to protect your Customer Data against accidental or unlawful destruction, loss, alteration, and unauthorized disclosure when stored or processed using the CTO services. The CTO services have a number of security controls, including but not limited to:
Audit logging
Detailed audit logs are available to administrators of your Enterpris Service Hub cloud or self-install account. We log every time an account signs in and all associated API calls. More information about access logging is available in our Documentation.
Access Management
Administrators can remotely disable users authenticated to the CTO services, on demand. More information about access management is available in our Documentation.
Network Protection
In addition to sophisticated system monitoring and logging, we have implemented two-factor authentication for all server access across our production environment. Firewalls are configured according to industry best practices, using AWS security groups, network segmentation, and real-time intrusion monitoring.
Product security practices
New features, significant functionality, and design changes go through a security review process facilitated by the security team. In addition, our code is audited with automated static analysis software, tested, and manually peer-reviewed prior to being deployed to production. The security team works closely with development teams to resolve any additional security concerns that may arise during development.
Team-wide two-factor authentication.
Administrators can require all users to set up two-factor authentication on their accounts. Instructions for doing this are available in our Documentation.
Data Encryption
The CTO services use industry-accepted encryption products to protect Customer Data during transmissions between your network and the CTO services, and when at rest. The CTO services support the latest recommended secure cipher suites and protocols to encrypt all traffic in transit. CTO monitors the changing cryptographic landscape closely and works promptly to upgrade the service to respond to new cryptographic weaknesses as they are discovered and implement best practices as they evolve. For encryption in transit, CTO does this while also balancing the need for compatibility with older data sources.
Reliability, Backup, and Business Continuity
CTO is committed to making the CTO services a highly available service that you can rely on. The infrastructure CTO uses for delivering the services run on systems that are fault-tolerant, for failures of individual servers or even entire data centers. CTO's operations team tests disaster recovery measures regularly and has a 24-hour on-call team to quickly resolve unexpected incidents. CTO performs regular backups, facilitates rollbacks of software and system changes when necessary and replication of data as needed.
Customer Data, when stored by CTO, is done so redundantly in multiple locations in our hosting provider's data centers to ensure availability. CTO has well-tested backup and restoration procedures which allow recovery from a major disaster. Customer Data and our source code are automatically backed up every night and stored for seven days. The operations team is alerted in the event of a failure in this system. Backups are stored for seven days in the event of a catastrophic failure and fully tested at least every 90 days to confirm that CTO's processes and tools work as expected.
Return of Customer Data
Within 30 days post contract termination, you may request return of Customer Data stored by CTO (to the extent such data has not already been deleted by you). Information about the export capabilities of the CTO services can be found by reaching out to support@cloudtechnologyoffice.com.
Deletion of Customer Data
All associated Customer Data stored by CTO at any time during a subscription term will be deleted on receipt of an email to support@cloudtechnologyoffice.com. Within 24 hours of administrator-initiated deletion, CTO hard deletes all Customer Data from currently running production systems. CTO-maintained backups of services and data are destroyed within 30 days (backups are destroyed within 30 days, except that during an on-going investigation of an incident such period may be temporarily extended).
Monitoring, validation, and practices
Audits
To verify that our security practices are sound and to monitor the CTO services for new vulnerabilities discovered by the security research community, the CTO services undergo security assessments by internal personnel. Pipelines also have automated security scanning and remediations are forced where high risk vulnerabilities are found.
Intrusion Detection
CTO will monitor all CTO services and endpoints. Endpoints are monitored through continuous malware and anomaly detection. CTO-hosted cloud environments are logged and alerted 24/7 for suspicious or known malicious activity. Logs are also reviewed manually at least every 90 days.
Security Logs
Systems used in the provision of the CTO services log information to their respective system log facilities or a centralized logging service (for network systems) in order to enable security reviews and analysis. CTO maintains an extensive centralized logging environment in the production environment which contains information pertaining to security, monitoring, availability, access and other metrics about the CTO services.
Incident Management
CTO maintains security incident management policies and procedures. CTO notifies impacted customers without undue delay of any unauthorized disclosure of their respective Customer Data by CTO or its agents of which CTO becomes aware to the extent permitted by law. CTO typically notifies customers of significant system incidents by email.
Personnel Practices
CTO conducts background checks on all employees before employment, and employees receive privacy and security training during onboarding as well as on an ongoing basis. All employees are required to read and sign our comprehensive information security policy covering the security, availability, and confidentiality of the CTO services.