Cloud Security
MODERN PLATFORM, MODERN SECURITY
Comprehensive security at all levels makes the SumTotal Cloud a trusted location for your organizations' most sensitive information. Standards-based security and operational compliance informed by the worlds leading compliance standards. From GDPR-compliance, to regional data sovereignty; we have it covered.
Sumtotal provides you with the best-in-class security and privacy, industry standard compliance and High-availability.
Security & Compliance
Information System Security is more challenging than ever. It is also more important than ever. Protecting your organization’s data is at the core of everything we do.
Privacy
Being trusted with your data is one of our most sacred responsibilities. Multiple layers of technical, physical, and process controls keep your data safe and visible only to those who need to see it.
Availability
Disaster preparedness is an essential part of the modern digital landscape and a critical part of the service that we provide to our customers. An effective disaster recovery plan protects your business against potential data loss and extended service unavailability.
Security & Compliance
Information System Security is more challenging than ever. It is also more important than ever. Protecting your organization’s data is at the core of everything we do from robust role-based access and advanced security permissioning within our applications to comprehensive, standards-based cloud security at every level, at every moment.
Secure from the Start:
Effective Information System Security starts at the very beginning.
- Secure Coding and Design Standards
- On-Going Security Awareness Training
- Static Code Analysis
- 3rd Party Penetration and Application Testing
Secure Operations:
Robust Encryption | TLS 1.2 Encryption with modern, secure ciphers. FIPS 140-2-certified storage. |
Hardened Systems and Compliance Scanning | Pre-hardened system images, deployed through automation ensures security compliance. Continuous security scanning guarantees things start secure and stay secure. |
Endpoint Protection | Realtime system scanning detects suspicious files immediately, including memory-resident risks. |
Intrusion Detection | Full network intrusion detection visibility identifies unusual network activity as it happens. |
Compliance:
Standards-based security and operational compliance informed by the worlds leading compliance standards.
Privacy
GDPR is one of the most important privacy frameworks in use today. Using our Data Processing Agreement framework or yours, you can be confident that we remain fully compliant together.
Robust, role-based access controls let you manage who can see what, when. Sophisticated and comprehensive data-access and data-management processes within the SumTotal Cloud makes sure it stays that way.
Data privacy features:
- Encryption-in-Flight
- Encryption-at-Rest
- Data Locality
- Data Segregation between tenants
- Data Not for sale
Availability
Unexpected things happen. Our comprehensive planning and a 24x7 team of skilled IT professionals will get services back up and running as quickly as possible.
Day to Day Operations
- ITIL based Change Control
- Purpose-built Architecture
- Data Locality
- Horizontal and Vertical Scalability
Disaster Recovery
Established and tested Recovery Point and Recovery Time Objectives provide you clear expectations. A disaster probably won’t happen, but if it does, you can be confident that you are in good hands and that we will be communicating with you all along the way.
