Syncron Security

Our Dedication to Your Peace of Mind

At Syncron, we recognize the importance of protecting assets, products, and customer data. We are dedicated to delivering sophisticated products and services without compromising security. From comprehensive access controls and regular security assessments to staff training and incident management protocols, we strive to ensure confidentiality, integrity, and availability of information. In doing so, we create a safe and secure environment for our employees, customers and partners, allowing us to focus on helping you transform and connect your aftermarket service lifecycle.

Syncron Security promotes a safe and sound environment.

Protecting Our Customers and Their Data

Syncron Security uses a combination of physical, technical and administrative controls to mitigate risks and enhance overall security. We have a modern and resilient infrastructure built on Amazon Web Services (AWS). Our Connected Service Experience (CSX) platform and products feature comprehensive technical controls, including firewalls, intrusion detection systems, encryption protocols and regular software updates. Security controls and features also include:

Authentication

Authentication is available through configurable policies for strong passwords as well as support for single sign-on via SAML 2.0.

Access Control

We implement strict access control measures to safeguard data. Syncron follows the principle of least privilege, ensuring that only authorized personnel have access to sensitive information.

Data Encryption

Data at rest and in transit is encrypted using industry-standard protocols. These protocols ensure that sensitive information remains secure and protected from unauthorized access.

Audit Logging and Monitoring

Audit logging is enabled for sensitive events and entities by default, such as login history, administrative activity, and permissions. Investigators can analyze audit logs and configure settings for other users.

High Availability

The Syncron platform has high availability with redundant systems and an uptime service level promise of 99.5%. Several live copies of databases store data in separate data centers with automated failover.

Beyond technical controls, Syncron employs administrative controls that involve policies, procedures and employee training to ensure security awareness and compliance. Syncron also incorporates physical controls for access control, surveillance, and secure perimeters.

Syncron operations and products are vetted annually by a third party for SOC 2 and ISO 27001 compliance.

A Robust Infrastructure

a laptop running Syncron's Price solution software

The Syncron infrastructure is built on AWS, a leading cloud service provider known for its high-security standards. With AWS, we ensure a solid foundation that prioritizes data security.

A Proactive Approach

Proactive approach to security

Syncron undergoes routine security audits and assessments to identify and address any vulnerabilities promptly. We continuously improve our security practices by staying proactive and ensuring our systems are updated with the latest security standards.

Ongoing Training for Up-To-Date Support

We invest in regular training and awareness programs for our employees to keep them abreast of best security practices. Ongoing training and awareness helps foster a security-conscious culture within our organization, ensuring that data at Syncron gets handled with utmost care.

Your Privacy, Respected

Choice of Data Center Location

Your instance of Syncron can be hosted in Europe, Asia or the United States, depending on your preference. Your data never leaves your data center’s region.

Compliance With Data Protection Regulations

Syncron supports customer compliance with European and North American data privacy regulations via selective data location and protection agreements. We adhere to industry-specific compliance standards and regulations to protect customer data. Our commitment to compliance ensures that your information is handled with care and in accordance with applicable laws and regulations.

Commitment to GDPR Compliance

Syncron is committed to compliance with GDPR across its cloud services. We take GDPR compliance seriously and prioritize your privacy.

Full Data Ownership

Each customer owns their data and can opt to remove it at any time.

No Advertising

We do not scan your data for building analytics, data mining or advertising.

Compliance Certifications and Ratings

Syncron icon for increase in revenue and profitability

SOC 2 Compliance

System and Organization Controls (SOC) 2 Type II report is an independent, third-party examination demonstrating how Syncron achieves key compliance controls and objectives pertaining to security, availability, and confidentiality. Talk to your customer success manager for more information or to see the full report.

Certified Information Security

Syncron is ISO certified to ensure conformance and customer trust in our services and operations, which conform to international standards. Syncron operates with one integrated management system, fulfilling the standards of ISO 27001:2022 and ISO 27017.

Syncron icon for increase in revenue and profitability

Skyhigh Enterprise-Ready Certified

Syncron is rated enterprise-ready by Skyhigh, indicating that the Syncron platform satisfies the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.

Syncron icon for increase in revenue and profitability

UK Government G-Cloud Framework Compliant

The G-Cloud framework enables public bodies to procure commodity-based, pay-as-you-go cloud services on government-approved, short-term contracts through an online catalog. As a G-Cloud supplier for the UK public sector, Syncron offers services pursuant to the G-Cloud procurement process.

Syncron icon for increase in revenue and profitability

Trusted, Third-Party Data Centers

Syncron uses the AWS infrastructure for its cloud service. The AWS infrastructure carries ISO 27001 certification and SOC 1/2/3 attestation, among other industry certifications, alignments and frameworks.

Syncron icon for increase in revenue and profitability

Penetration Testing and Continuous Monitoring

Annual penetration tests are performed by independent third parties to verify the security of the infrastructure and its applications. Weekly network scans run against the entire public IP range to test open ports and running services. Quarterly internal and external vulnerability scans performed against Syncron systems.