Accelerate your time-to-market with unmatched quality through our subscription-based development services
Accelerate your time-to-market with unmatched quality through our subscription-based development services
| Trust Center
Vaival Technologies is the partner of choice for entrepreneurs, SMEs and major corporations. Since 2010, we’ve helped many businesses enhance their potential via custom software development, web3 & blockchain, dev-ops, design innovation and IT consulting services.
+ 4 more
+ 5 more
+ 27 more
The company restricts privileged access to encryption keys to authorized users with a business need.
System access restricted to authorized access only
The company's access control policy documents the requirements for the following access control functions:
The company's production systems can only be remotely accessed by authorized employees via an approved encrypted connection.
The company utilizes a log management tool to identify events that may have a potential impact on the company's ability to achieve its security objectives.
The company reviews its firewall rulesets at least annually. Required changes are tracked to completion.
The company uses firewalls and configures them to prevent unauthorized access.
The company has electronic media containing confidential information purged or destroyed in accordance with best practices, and certificates of destruction are issued for each device destroyed.
The company performs background checks on new employees.
The company requires contractor agreements to include a code of conduct or reference to the company code of conduct.
The company requires employees to acknowledge a code of conduct at the time of hire. Employees who violate the code of conduct are subject to disciplinary actions in accordance with a disciplinary policy.
The company requires contractors to sign a confidentiality agreement at the time of engagement.
The company requires employees to sign a confidentiality agreement during onboarding.
The company requires visitors to sign-in, wear a visitor badge, and be escorted by an authorized employee when accessing the data center or secure areas.
The company requires employees to complete security awareness training within thirty days of hire and at least annually thereafter.
The company's datastores housing sensitive customer data are encrypted at rest.
The company performs control self-assessments at least annually to gain assurance that controls are in place and operating effectively. Corrective actions are taken based on relevant findings. If the company has committed to an SLA for a finding, the corrective action is completed within that SLA.
The company's formal policies outline the requirements for the following functions related to IT / Engineering:
The company has Business Continuity and Disaster Recovery Plans in place that outline communication plans in order to maintain information security continuity in the event of the unavailability of key personnel.
The company has a documented business continuity/disaster recovery (BC/DR) plan and tests it at least annually.
The company maintains cybersecurity insurance to mitigate the financial impact of business disruptions.