Have peace of mind and focus on the important things
At CtrlPrint, we achieve the highest level of security by performing full security audits of our product and infrastructure regularly, including third-party audits. We are ISO 27001:2013 certified, and we follow the recommendations of the Cloud Security Alliance’s (CSA) Security, Trust & Assurance Registry (STAR). We have completed a Consensus Assessment Initiative (CAI) Questionnaire, based on the results of our due diligence self-assessment.
The CtrlPrint servers are located in multiple geographically separated data centers for redundancy. All systems, networked devices, and circuits are constantly monitored by both CtrlPrint and the data center. Even if disaster strikes and one of our data centers becomes inaccessible, CtrlPrint keeps on running.
|Data security||All document data that is stored within CtrlPrint is automatically encrypted using strong multi-factor encryption. Each document is encrypted with a unique key, and as an additional safeguard, the key is itself encrypted. CtrlPrint uses one of the strongest block ciphers available, 256-bit Advanced Encryption Standard (AES-256), to encrypt document data.|
|Physical security||The data centers where the CtrlPrint servers are hosted are compliant with ISO 27001 and the PCI Data Security Standard. The data center features 24-hour manned security, biometric access control, video surveillance, and physical locks.|
|Transmission security||All communications with CtrlPrint servers are encrypted using the industry-standard TLS protocol with 256-bit AES encryption. Our certificates also support Elliptic Curve Cryptography (ECC), which further increases both the speed and security of the secured communications.|
|Account Setup and Use|
|Access control||Each CtrlPrint user is identified with a unique user name and password, and all access to data within CtrlPrint is governed by access rights. Your CtrlPrint administrator can define granular access privileges for specific parts at different levels. Our security architecture ensures segregation of customer data.|
|Two-step authentication||With two-step authentication, users' accounts are protected by both a user name and password combination and a time-based one-time password generated by their phone.|
|Application security||CtrlPrint maintains a robust application audit log, including security events such as user logins and configuration changes. Additionally, CtrlPrint follows secure credential storage best practices by encrypting stored passwords using a multiple-iteration, one-way, strong algorithm. This means that not even the CtrlPrint staff can view or recover passwords.|
|Prevention and Detection|
|Vulnerability management||The CtrlPrint application and its supporting infrastructure are reviewed for potentially harmful vulnerabilities. We maintain a dedicated application security team in-house to test and remediate any discovered issues.|
|Data backup and recovery||The CtrlPrint platform is built to be resilient – the application servers, the database, the data storage, as well as the load balancer and firewalls are all redundant across geographically separate data centers. CtrlPrint maintains complete backups of everything required to restore the complete system at a different data center, should it prove necessary.|
|Independent audits||The CtrlPrint infrastructure and application code are scrutinized annually by independent security specialists to help assess and strengthen the service. These tests are done both as black-box penetration tests and as source code and architectural reviews.|