Security and Compliance

Reorg’s Unwavering Commitment to Security and Compliance Ensures the Protection of Your Most Valuable Information

FinDox, ESMA and ESGx by Reorg are SOC 2 Type II compliant and complete annual third party audits. The private cloud is managed by a service provider that is ISO 27001, SOC 1, SOC 2, and PCI certified.

All data stored is encrypted in transit with end to end encryption and at rest. Furthermore, any modifications to access grants or permissions, as well as downloads of documents, are logged and preserved for audit purposes for a period of 7 or more years.

Compliance

Compliance is an integral component of FinDox, ESMA and ESGx by Reorg, with a private cloud managed by a third party service provider that is ISO 27001, SOC 2, SOC 1, and PCI compliant. The company has completed a third party SOC 2 Type II audit and uses an Automated Security & Compliance Platform. We undergo annual application pen tests and external network pen tests along with quarterly external PCI security scans and monthly internal vulnerability scans and patching.

Security

Your data is secure: FinDox, ESMA and ESGx by Reorg have been configured on a private cloud to meet SOC 2 & PCI security standards including encryption at rest, encryption in transit, web application firewall, firewalls, separate VLANs, anti-virus and anti-malware, IDS/IPS, FIM, etc. Staff undergo security awareness training, background checks and must sign security policies.

Availability

With a primary data center in Virginia and a warm secondary data center in Texas, you can be confident in the availability of your data. Real-time replication has been implemented between the primary and secondary data centers with a 15 min RTO/RPO along with nightly full backups to secure offline storage. DR Tests from backup are performed quarterly and failover tests are performed semi-annually. Data centers meet high availability with load balancing and redundancy.

Confidentiality

Enjoy complete confidentiality with data that iis classified based on whether it contains MNPI and protected using encryption and a robust access grant system. Audit logs are generated to track access grant changes and user document downloads.

Interesting in learning more?

Contact Us

Thank you for signing up
for Reorg on the Record!