Laserfiche WebLink
Security Policies and Procedures <br />9. IBM Cloudant <br />10. SalesForce <br />11. Elk Stack <br />12. Mixpanel <br />13. KissMetrics <br />14. Segment.io <br />15. Sendgrid <br />16. Customenio <br />Logs will be reviewed and analyzed by delegates of the ISO. <br />Reports of problems and incidents will follow the incident reporting method, listed in <br />the Incident and Breach Policy. <br />XX. Encryption <br />A. Preface <br />Encryption is the process of encoding messages of information is such a way that only <br />authorized parties can read it. <br />B. Application Encryption Policy <br />Virtru encrypts all client data using NIST-approved cryptographic modules. Virtru <br />uses AES 256 encryption for its application. Virtru's key length requirements shall be <br />reviewed annually as part of the yearly security review and upgraded as technology <br />allows. <br />The use of proprietary encryption algorithms is not allowed for any purpose, unless <br />reviewed by qualified experts outside of the vendor in question and approved by the <br />ISO. <br />C. Key Rotation Policy <br />Virtru requires the following key rotation policy to protect all external systems. The <br />following is the list of policies for the following keys: <br />1. Secure Socket Layer (SSL)Keys <br />Virtru uses SSL keys to enable Transport Layer Security (TLS) traffic between <br />clients and Virtru's servers. <br />Rotation Policy <br />39 <br />Rev.2015.8.6 <br />