Security
Effective use of data is not only important to our customers - it’s also critical to us as a business.
We work with a team of specialists to ensure we can provide our customers the assurance they need that their data and information is safe and secure. We continually work towards operational excellence and meeting ISO 27001 security standards.
What this means:
We have the best practice controls in place to protect your data.
We offer transparency about how we do business.
We work with independent advisers, consultants and auditors to ensure we meet the ISO standards.
We run external security audits run on a quarterly basis.
Key Security Features:
Password and Credential Storage
gather360 stores passwords using the bcrypt hashing function and allows 2FA (two-factor authentication).
Data Hosting and Storage
gather360 services and data are hosted in Microsoft Azure facilities in the EU.
Failover and DR
The gather360 platform and associated services were built with disaster recovery in mind our data is hosted across multiple regions in the EU which ensures business continuity with minimal downtime.
Back-Ups and Monitoring
gather360 have backup policies and procedures in place for datastores that contain customer data.
Permissions and Authentication
Access to customer data is limited to authorized employees who require it for their job.
gather360 has 2-factor authentication (2FA) and strong password policies across all its utilities.
Encryption
gather360 is served 100% over HTTPS using 256-bit encryption.
Our API and application endpoints are TLS/SSL only and score an “A” rating on Qualys SSL Labs‘ tests.
Incident Response
gather360 has procedures in place for security events which includes escalation procedures, rapid mitigation and post mortem.
Additional Security Precautions:
Data Protection Officer
We have an appointed Data Protection Officer to oversee and advise on our data management
Training
All employees complete Security and Awareness training annually.
Policies
gather360 has developed a comprehensive set of security policies covering a range of topics. These policies are updated frequently and shared with all employees.
Employee Vetting
gather360 performs background checks on all new employees in accordance with local laws.
Confidentiality
All employee contracts include a confidentiality agreement.
Related Articles
gather360 Release 2.17 and 2.18
We've launched two exciting new features to the gather360 application. These will enable you to: Automatically upload data files via email attachment Connect gather360 to existing Snowflake & Azure Storage Accounts More details and additional ...Connecting Azure Blog storage to gather360
Follow our setup guide to connect Azure Blob Storage to gather360. Prerequisites To connect Azure Blob Storage to gather360, you need: An Azure Blob Storage container holding files with supported file types and encodings The ability to grant gathe360 ...gather360 for data suppliers
gather360 for data suppliers An introduction to the basics of gather360, for data suppliers that have been invited to join a workspace. Welcome to gather360 If you've recently received an invitation to join a workspace, start here to learn more about ...Connecting Snowflake to gather360
Follow our setup guide to connect your Snowflake data warehouse to gather360 workspace. Prerequisites To connect Snowflake to gather360, you need the following: A Snowflake account with the appropriate permissions to create a user and warehouse for ...