At SilkFlo, we deeply recognize that the confidentiality, integrity, and availability of our customers' data and all critical information assets are fundamental to our business success and your trust.
As a SaaS provider, we are committed to transparently communicating our security practices, tools, resources, and responsibilities. This ensures our customers feel confident in choosing us as a trusted provider.
This Trust Center provides an overview of our robust security program, detailing how we identify and mitigate risks, implement industry best practices, and continuously enhance our defenses to protect your data.
Controls (57)
Here are the controls implemented at SilkFlo to ensure compliance, as a part of our security program.
Product security (4)
Production System User Review
Situational Awareness For Incidents
Vulnerability Remediation Process
Centralized Management of Flaw Remediation Processes
Data security (10)
Identity Validation
Termination of Employment
Production Databases Access Restriction
Multi-factor Authentication
User Privileges Reviews
User Access Reviews
Encrypting Data At Rest
Inventory of Infrastructure Assets
Data Backups
Testing for Reliability and Integrity
Network security (6)
Impact analysis
Limit Network Connections
External System Connections
Transmission Confidentiality
Anomalous Behavior
Capacity & Performance Management
App security (3)
Conspicuous Link To Privacy Notice
Secure system modification
Approval of Changes
Endpoint security (4)
Malicious Code Protection (Anti-Malware)
Full Device or Container-based Encryption
Endpoint Security Validation
Session Lock
Corporate security (30)
Code of Business Conduct
Organizational Structure
Roles & Responsibilities
Competency Screening
Personnel Screening
New Hire Policy Acknowledgement
Security & Privacy Awareness
Performance Review
Periodic Policy Acknowledgement
Automated Reporting
Incident Reporting Assistance
Risk Framing
Risk Assessment
Fraud
Third-Party Criticality Assessments
Assigned Cybersecurity & Privacy Responsibilities
Internal Audit using Sprinto
Periodic Review & Update of Cybersecurity & Privacy Program
Management Review of Org Chart
Management Review of Risks
Management Review of Third-Party Risks
Subservice organization evaluation
Segregates Roles and Responsibilities
Testing
Asset Ownership Assignment
Data Governance
New Hire Security & Privacy Training Records
Periodic Security & Privacy Training Records
Updates During Installations / Removals
Inventory of Endpoint Assets
