We back our products and services with robust data and security practices. These are a central part of our design, engineering, and product-delivery principles.
Tower360 works with independent experts to verify our own security, privacy, and compliance controls, and have achieved certification against stringent standards. Download our security whitepaper to learn more.
We work with an independent auditor to maintain a SOC 2 Type 2 report, which objectively certifies our controls to ensure the continuous security, availability, confidentiality, and integrity of our customers' data.
Developed by the Assurance Services Executive Committee (ASEC) of the AICPA, the Trust Services Criteria is the set of control criteria to be used when evaluating the suitability of the design and operating effectiveness of controls relevant to the security, availability, or processing integrity of information and systems, or the confidentiality or privacy of the information processed by the systems at an entity, a division, or an operating unit of an entity.
In alignment with ISO 27001:2022 standards, our organization engages an independent auditor to ensure compliance with a comprehensive Information Security Management System (ISMS). This system, adhering to international best practices, guarantees the continuous protection of our clients' data, encompassing aspects of security, availability, confidentiality, and integrity.
ISO 27001:2022, a globally recognized standard, sets forth rigorous criteria for establishing, implementing, maintaining, and continually improving an ISMS. This framework is integral to managing and safeguarding sensitive information and systems, ensuring their security, reliability, and resilience, as well as maintaining the confidentiality and privacy of processed information within the entire scope of our organization.
In adherence to the General Data Protection Regulation (GDPR), our organization conducts regular audits and has engaged DataGuard to act as our external Data Protection Officer (DPO). This partnership underscores our commitment to the rigorous data privacy and protection standards mandated by GDPR.
With the guidance of DataGuard as our Data Protection Officer, we ensure the security, availability, confidentiality, and integrity of our clients' personal data. Their expertise is crucial in helping us navigate GDPR compliance, covering key aspects such as the rights of data subjects, maintaining records of data processing activities, and conducting data protection impact assessments.
Our collaboration with DataGuard exemplifies our dedication to upholding the highest data protection standards, aligning with GDPR’s focus on transparency, accountability, and safeguarding the privacy rights of individuals within the European Union.
