Protecting Our Customers and Their Data

Syncron Security uses a combination of physical, technical and administrative controls to mitigate risks and enhance overall security. We have a modern and resilient infrastructure built on Amazon Web Services (AWS). Our Service Lifecycle Management (SLM) platform and products feature comprehensive technical controls, including firewalls, intrusion detection systems, encryption protocols and regular software updates. Security controls and features also include:

Authentication

Authentication is available through configurable policies for strong passwords as well as support for single sign-on via SAML 2.0.

Access Control

We implement strict access control measures to safeguard data. Syncron follows the principle of least privilege, ensuring that only authorized personnel have access to sensitive information.

Data Encryption

Data at rest and in transit is encrypted using industry-standard protocols. These protocols ensure that sensitive information remains secure and protected from unauthorized access.

Audit Logging and Monitoring

Audit logging is enabled for sensitive events and entities by default, such as login history, administrative activity, and permissions. Investigators can analyze audit logs and configure settings for other users.

High Availability

The Syncron platform has high availability with redundant systems and an uptime service level promise of 99.5%. Several live copies of databases store data in separate data centers with automated failover.

Beyond technical controls, Syncron employs administrative controls that involve policies, procedures and employee training to ensure security awareness and compliance. Syncron also incorporates physical controls for access control, surveillance, and secure perimeters.

Syncron operations and products are vetted annually by a third party for SOC 2 and ISO 27001 compliance.

Ongoing Training for Up-To-Date Support

We invest in regular training and awareness programs for our employees to keep them abreast of best security practices. Ongoing training and awareness helps foster a security-conscious culture within our organization, ensuring that data at Syncron gets handled with utmost care.

A Robust Infrastructure

The Syncron infrastructure is built on AWS, a leading cloud service provider known for its high-security standards. With AWS, we ensure a solid foundation that prioritizes data security.

A Robust Infrastructure

A Proactive Approach

Syncron undergoes routine security audits and assessments to identify and address any vulnerabilities promptly. We continuously improve our security practices by staying proactive and ensuring our systems are updated with the latest security standards.

A Proactive Approach

Your Privacy, Respected

Choice of Data Center Location

Your instance of Syncron can be hosted in Europe, Asia or the United States, depending on your preference. Your data never leaves your data center’s region.

Compliance With Data Protection Regulations

Syncron supports customer compliance with European and North American data privacy regulations via selective data location and protection agreements. We adhere to industry-specific compliance standards and regulations to protect customer data. Our commitment to compliance ensures that your information is handled with care and in accordance with applicable laws and regulations.

Commitment to GDPR Compliance

Syncron is committed to compliance with GDPR across its cloud services. We take GDPR compliance seriously and prioritize your privacy.

Full Data Ownership

Each customer owns their data and can opt to remove it at any time.

No Advertising

We do not scan your data for building analytics, data mining or advertising.

Compliance Certifications and Ratings

SOC 2 Compliance
SOC 2 Compliance

System and Organization Controls (SOC) 2 Type II report is an independent, third-party examination demonstrating how Syncron achieves key compliance controls and objectives pertaining to security, availability, and confidentiality. Talk to your customer success manager for more information or to see the full report.

ISO 27001:2022 and ISO 27017
ISO 27001:2022 and ISO 27017

Syncron is ISO certified to ensure conformance and customer trust in our services and operations, which conform to international standards. Syncron operates with one integrated management system, fulfilling the standards of ISO 27001:2022 and ISO 27017.

Trusted, Third-Party Data Centers
Trusted, Third-Party Data Centers

Syncron uses the AWS infrastructure for its cloud service. The AWS infrastructure carries ISO 27001 certification and SOC 1/2/3 attestation, among other industry certifications, alignments and frameworks.

Penetration Testing and Continuous Monitoring
Penetration Testing and Continuous Monitoring

Annual penetration tests are performed by independent third parties to verify the security of the infrastructure and its applications. Weekly network scans run against the entire public IP range to test open ports and running services. Quarterly internal and external vulnerability scans performed against Syncron systems.