Trust and Security
🔐

Trust and Security

Tags
About

At Visor, we believe that the cornerstone of trust is security.  We work tirelessly to maintain that trust with our world-class systems and processes.  As such, we have put in place the following procedures:

Best Practices: Protocols & Policies

Security is not just engineering. It’s maintaining strict procedures and reviews too.

  1. Full review of major initiatives by Visor Security Council (“VSC”) for threat assessment and security evaluation semi-annually
  2. Quarterly internal audit of systems and processes by Visor Security Council for security vulnerabilities and best practices
  3. Notification of known breaches to appropriate parties within 24 hours

Monitoring & Logging

Our operations team constantly monitors the health and security of our servers.

  1. Daily monitoring of system health and scanning of security vulnerabilities, both manual and automated
  2. Detailed access logs of every data transfer for monitoring and audit, and automated alerts around anomalous or root access
  3. Quarterly review of security monitoring procedures by VSC

Data Transfer & Networking

How our data travels: Encryption. Always.

  1. Industry standard SSL encrypted communication for authentication and data communication with all servers
  2. Minimal data transfer by optimizing local data storage on customers’ machines
  3. Virtual Private Cloud configuration creates firewalls around our systems

Data Storage, Access & Protections

Who has access and what they see.

  1. We limit access to all systems and data on an as-needed basis
  2. All employees and contractors undergo strict vetting and are obligated not to disclose any customer data they may come into contact with
  3. Tight access controls and permissions, quarterly review by VSC
  4. Broad system-level permissions hierarchy, and granular data-level authorization tagging built-in
  5. All customer data stored in an encrypted data warehouse with anonymous key relationships
  6. All analytic data stored in an encrypted data warehouse without any personally identifiable information

Data Backups & Disaster Recovery

Data loss is not an option.

  1. Customer data is 100% backed up to online replicas
  2. Our operations team monitors platform and application behavior for anomaly detection
  3. All services are configured in automatic scaling groups that scale up to meet peak demand
  4. We will proactively notify you of any customer-impacting situation

FAQs

More info on our dedicated FAQs page:

Integrations / Certificates

Atlassian Security Self Assessment - Our Security Self Assessment was accepted on 10/19/21 by the Atlassian Marketplace. View Assessment Details

Other Resources

For more details on the sections from this document:

Information Security Policy

How we go about patching security vulnerabilities that are discovered in our application:

Security Bug Fix Policy

Outlines how we recover to a security incident should one arise:

Business Continuity & Disaster Recovery Plan

Outlines how we make changes to Visor in a secure fashion:

Change Control & Release Management Process

Ready to try this in Visor?

👋🏼

Written by Victoria

Updated this week

image