Difference between revisions of "Data Security Commitment"
Jump to navigation
Jump to search
| (9 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
| − | + | This document can now be found at its new location in the [https://docs.hornbill.com/hornbill-cloud/data-security-commitment/ Hornbill Document Library]. | |
| + | [[file:hornbill-document-library.png|Hornbill Cloud|link=https://docs.hornbill.com/hornbill-cloud/data-security-commitment/]] | ||
| − | All data transmitted from Hornbill network will be encrypted. | + | <!-- |
| − | All data is stored within the legal geographical entity associated with your Head office (Unless requested otherwise). | + | Hornbills commitment to data security and confidentiality is paramount in everything we do. To this end we have undertaken a number of objectives (including ISO27001 and 27018) to ensure your data remains |
| − | Hornbill will not use any of your data for marketing\advertising unless specifically agreed with yourself. (for example in a case study). | + | secure at all times. The pages within the wiki and your contract agreements detail how we do this in detail, however below are the key points |
| − | Hornbill will not access any of your instance data unless you specifically provide authorization (for example in case of a support query). We will treat your data like a black box | + | |
| − | Any request by 3rd party to access your data will be submitted to yourselves for approval before any action is taken. | + | |
| − | Any change to the existing sub contractors (https://wiki.hornbill.com/index.php/FAQ:Subprocessors) will be disclosed to yourselves prior to change. | + | *All data transmitted from Hornbill network will be encrypted. |
| − | Hornbill is committed to achieving all compliance with GDPR, Data Protection | + | *All data is stored within the legal geographical entity associated with your Head office (Unless requested otherwise). |
| − | Any processing of log files for analytics will be anonymized. | + | *Hornbill will not use any of your data for marketing\advertising unless specifically agreed with yourself. (for example in a case study). |
| − | We will inform you within 24 hours of any suspected data breach. | + | *Hornbill will not access any of your instance data unless you specifically provide authorization (for example in case of a support query). We will treat your data like a black box |
| − | Any questions or concerns can be raised via | + | *Any request by 3rd party to access your data will be submitted to yourselves for approval before any action is taken. |
| + | *Any change to the existing sub contractors (https://wiki.hornbill.com/index.php/FAQ:Subprocessors) will be disclosed to yourselves prior to change. | ||
| + | *Hornbill is committed to achieving all compliance with all applicable laws governing data in your geographical location. This includes GDPR, Data Protection Act, HIPAA. | ||
| + | *Any processing of log files for analytics will be anonymized. | ||
| + | *We will inform you within 24 hours of any suspected data breach. | ||
| + | *We will report any malicious or abnormal activity on the services we provide, should the need arise (for example, Low level "background" threats such as port scans etc that may occur will not be reported, however a sustained attack against a specific instance or end point may, even if not successful) within 1 hour. | ||
| + | *Any questions or concerns can be raised via data.processor-hornbill@live.hornbill.com | ||
Trust and Security is a two way path and to this end we request that you meet the following | Trust and Security is a two way path and to this end we request that you meet the following | ||
| − | Always use Strong passwords to secure your instance | + | *Always use Strong passwords to secure your instance |
| − | Always use the | + | *Always use the encrypted protocols when given the change (POP3s\SMPTS etc) |
| − | Inform us within 24 hours if you suspect accounts linked to Hornbill have been breached. | + | *Inform us within 24 hours if you suspect accounts linked to Hornbill have been breached. |
| − | + | *Customers as per Terms of Service will not use any other individual’s or entity’s login or identity or any other unauthorised method to access or use the SaaS Service | |
| − | Hornbill believes in being open and we provide our documentation\polices and procedures at https://wiki.hornbill.com/FAQ:ISO/ for all. However, Enterprise customers can schedule | + | Hornbill believes in being open and we provide our documentation\polices and procedures at https://wiki.hornbill.com/FAQ:ISO/ for all. However, Enterprise customers can schedule an annual full review of all polices\controls should they wish and if required you should contact your account manager. |
| + | --> | ||
| + | [[Category:HDOC]] | ||
| + | <!-- /hornbill-cloud/data-security-commitment --> | ||
Latest revision as of 22:15, 13 September 2023
This document can now be found at its new location in the Hornbill Document Library.
