We take our data privacy and systems security very seriously at Prokeep, in fact, we've made it part of our corporate culture! Our technical leadership and full-time security staff constantly strive to improve our system defenses and reduce our attack surfaces, from our cloud infrastructure all the way down to individual employee devices and laptops.
SOC 2 and beyond
As part of our overall security initiatives, Prokeep is currently in hot pursuit of Service Organization Control 2, known as SOC 2, certification. SOC 2 is an industry-standard of trust developed by the American Institute of Certified Public Accountants that assures the controls at an organization related to security, availability, data privacy, and processing integrity of the systems.
You can learn more about SOC 2 here.
Prokeep chose to pursue SOC 2 as a challenge to improve our security & data privacy policy and controls to the highest degree we possibly can.
Prokeep’s Current Security Measures
Overall Prokeep employs a varied, always-live, active battery of platforms to help us in our system's security challenges:
- In the cloud - we utilize a range of always-live vulnerability scanners, intrusion detection tools, geofencing, TLS encryption with tuned ciphers, and zero-day live patching.
- Passive cloud defenses include permissions monitoring tools, partitioned network subnets, network firewalls, and integrated logging of all network activity.
- Employee laptops have encrypted drives, require the latest antivirus and malware shields and scanners, require zero-day OS patching, and monitor compliance with an MDM platform.
Prokeep’s application security includes layer 7 firewall, code scanning, and application vulnerability scanning as well as OWASP scanning. We have a formal review process for any code that could expose vulnerabilities.
Our data layer is encrypted with the highest available over the wire and at rest, the databases live behind our network DMZ isolated from the public, and we routinely destroy backups after a short retention period per policy.
Prokeep feels like we offer some of the strongest security and privacy defenses in the business. We are continuously striving to improve our security efforts and have made this part of our culture and one of our cornerstone core values.
