Committed to physical, network, and application security
Our commitment to security gives our customers confidence to innovate using our platform. Transparent, best-practice security mechanisms are in place to protect physical, network, and application components of the platform.
ISO 27001 CERTIFIED
ISO 27001 is an international standard covering best practice for information security, cybersecurity, and privacy protection. Citrine Informatics’ security framework is based on ISO27001 and Citrine obtained ISO/IEC 27001:2013 certification in 2018, renewing it annually since. Information security is a top priority for Citrine Informatics, and this achievement demonstrates our commitment to information security, data protection, and continuous improvement.
CUSTOMER DATA IS PROTECTED
Customer data is classified, secured, encrypted, and kept in separate repositories while entrusted to Citrine. Additionally, all IP generated from the use of the Citrine platform, including all customer data stored on the platform, remains the property of the customer.
Access to infrastructure, networks, and data is minimized and controlled with best practice authentication systems.
COMPLETE SEGREGATION AND DEFENSE-IN-DEPTH
Each customer’s platform is hosted in a separate virtual private cloud, with data encrypted in the platform and on transit to and from the cloud.
SECURITY PROCESSES IN PLACE
Business processes are in place and continually improved on the following topics:
- Physical Security
- Business Continuity
- Third-Party Security
- Continual Improvement
Robert (Bob) Vail, Citrine’s Director of Security, leads the whole Citrine team in following the ISO 27001 standard and upholding best-in-class security practices. He is a Certified Information Systems Security Professional with over 20 years of experience in the financial services, software, and cybersecurity industries.