In the case of a security incident, we have a process to manage information security incidents. Our security incident management process outlines how we detect, respond to, and report incidents to minimize loss and destruction or mitigate any identified weaknesses. The goal of the process is to restore information system functionality and business continuity as quickly and safely as possible.
In the incident management process, we address how we:
- monitor threats continuously through intrusion detection systems (IDS) and other monitoring applications;
- form an information security incident response team;
- define procedures to respond to media inquiries;
- establish clear procedures for identifying, responding to, assessing, analyzing, and resolving information security incidents;
- provide workforce training and education about information security incidents and responses; and
- facilitate clear communication of information security incidents with internal—as well as external—stakeholders.
Our Security team ingests logs and alerts from our platform host, anti-virus systems, and vulnerability scanners to identify potential attacks and weaknesses.
We also rely on employee reports, which are invaluable to make us aware of vulnerabilities that may affect our environment. These reports may identify when attackers have evaded technical detection or provide insight into areas where we currently lack visibility. Our Engineering teams are particularly well-positioned to identify suspicious activity or weaknesses affecting our most critical assets in production. Our integration managers and technical account managers are also well-positioned to learn about security issues from customers like you. Please submit a ticket via our Help Desk to let them know if you have identified an issue.