Security at Sigma360

Data Security

Keeping data secure across customers and partners is critical. We utilize encryption, access controls and an overall culture of security among all personnel that touch client or partner data.

• Data is always encrypted, whether in transit or at rest 
• Customer-specific access keys are isolated
• Restrictions on cross-company data access with proactive updates  

Our approach to data security is regularly reviewed, tested and strengthened.

System and Development Security

The Sigma360 platform was designed and architected with security as a top priority. From our early days of working with global banks, law firms and government, Sigma360’s team ensured the platform was ahead of expectations from a security standpoint.

From external third-party penetration testing to internal security meetings chaired by our CHief Information Security Officer (CISO), we take security seriously. We are able to change direction quickly if required to address identified or potential risks.

Our service is continuously monitored for vulnerabilities and is carefully tested as new features come online.

• Dedicated CISO
• SOC 2 Type 2 certification 
• External maturity assessment 
• Third party system and security reviews 
• Annual penetration testing 
• Continuous vulnerability scanning 

People Security

We ensure our team members exhibit a security mindset and follow a code of confidentiality. This includes signing off on our company values and security handbook during onboarding.

Sigma360 personnel protocols:

• Subject to a background check
• Screened against our dynamic database for risk
• Sign Sigma360 Code of Conduct 
• Consistent, ongoing security and ethics training
• Two-factor authentication and strong password requirements for all systems
• Training from leading security experts