Security – Best Practice

SoftwareOne services use best practice patterns, deployment methods and operational controls to make sure that your cloud environments remains secure.

SoftwareOne will work with you to ensure environments are designed and built securely and will offer professionally opiated Architectural advice on third party high level designs where necessary.

Staffing

SoftwareOne will perform pre-employment background screening of its employees who have access to customers' accounts, and is committed to employee supervision, training, and management.

Authentication

Strict Password policies are in place throughout SoftwareOne MI’s tool-suite and Two Factor Authentication is employed on all systems managing Customer Data.

Authorization

All staff operate under the principle of Least Privilege and, where in scope, access to Customer environments is aligned to an Incident or Request ticket and logged.

Auditability

All environments and Management Tools suites offer administrative activity logs and traceability.

Place of performance

Access to the SoftwareOne operation center facility is restricted to authorized Operational personnel and controlled via physical passes. Security guards monitor the entrances 24x7x365 and visual surveillance is in place at all ingress/egress points.

Reports of and Response to Security Breach

SoftwareOne will report to you as soon as reasonably practicable in writing and in accordance with applicable law, of a material breach of the security of the Customer Subscription which results in unauthorized access to Customer Data resulting in the destruction, loss, unauthorized disclosure or alteration of Customer Data of which we become aware. Upon request, we will promptly provide to you all relevant information and documentation that we have available to us regarding the Customer Subscription in connection with any such event.