Information Security and Privacy
Keeping client data safeSecurity is the foundation of our organization. SilkRoad Technology solutions have been built to keep your data safe. The SilkRoad Executive Leadership and Board of Directors are committed to preserving the confidentiality, integrity and availability of client data.
All SilkRoad employees are required to complete security, privacy and compliance training during their onboarding experience and on an annual basis. We believe that information security is every employee’s responsibility in their day-to-day operations.
SilkRoad provides best-in-class protection through its hardware, software and operations management. The infrastructure layer is designed in a defense and depth approach to provide the highest levels of system confidentiality, integrity and availability.
SilkRoad leverages industry-leading anti-malware solutions to ensure that any malicious behavior that attempts to penetrate the firewall, IPS and DMZ is caught at the server level and eradicated. SilkRoad leverages security solutions to continuously monitor the performance and safety of its solutions and network to mitigate risks and prevent system delays or outages.
System Monitoring and Redundancy
SilkRoad’s IT infrastructure is subject to annual penetration testing and scanned monthly for vulnerabilities using industry-leading technology. A portfolio of tools is used to alert responsible groups of component failures and thresholds indicating problems.
SilkRoad strives to eliminate any single point of failure by maintaining a highly available, secure environment that is ready for immediate failover. This is done through process flow among multiple devices and multiple service providers. This function is tested annually through our SOC 2 audit.
Security governance, risk and compliance
These policies and practices are evaluated semi-annually through internal review and annually by an independent SOC 2 audit.
General Data Protection Regulation
SilkRoad Technology also meets the requirements defined by the Swiss-U.S. Privacy Shield Framework and the EU-U.S. Privacy Shield Framework. These requirements are examined yearly.
Personally Identifiable Information
Data commonly accepted as sensitive and needing encryption would be social security numbers, drivers license numbers and bank account numbers, as well as other fields determined by the client.
SilkRoad Technology clients can remain confident their data is protected, and the usability and availability of their data are preserved.