We protect your data with end to end security measures. World Class RMIS platform security | Riskonnect

Platform Security

Riskonnect and our platform provider protect customer data by providing end to end security.

Security You Can Count On

End to End Security

Security takes on several dimensions. Riskonnect and our platform provider protect customer data by providing end to end security. This includes password policies, security roles, encryption, and audit logs. Password policies can be defined to fit client standards including timeouts, length, and password strength.

Secure Computer is a crucial part of a Leading Risk Management Solution for ERM
Keypad illustration for secure access and part of advanced Risk Management Systems

Total Access Control

Security roles for access is a staple with our system. Riskonnect offers the control needed to prevent unauthorized access to any part of your RMIS, down to the field level. User access to the system is determined by the assigned security profile, which is managed by your System Administrator(s) or by Riskonnect. Profiles dictate the level of access an individual can have to the system from objects, reports, page layouts and views, and specific fields.

Riskonnect supports 256-bit TLS certificates and 2047-bit RSA public keys at a minimum. All data exchanges are encrypted via SFTP with PGP. Data encryption at rest using AES 256 is available. Field level encryption is available utilizing key splitting. Splitting is utilized to separate the keying material between the application server and the database.

Key Features

 User Access

  • Customized password policies that match your organization’s policies
  • Access may be restricted to your network

 Firewall

  • Tightly controlled perimeter firewalls
  • Intrusion detection systems
  • Proactive log monitoring

 Server

  • Top-tier data center facilities
  • Biometric access screening
  • Escort controlled access
  • Armed guards

 Internet

  • HTTPS certificates signed w/ SHA-256 hash algorithm
  • Symantec Issued Certificates

 Application

  • All passwords encrypted
  • Highly secure session key management
  • Application self-monitors for security violations

 Security

  • Access to data may be limited by type of user and part of organization
  • Granular security may limit access to type of data, fields, reports, screens and functionality as required

Third Party Validation Services

Riskonnect, Inc. passed the SOC 2 Type 2 audit in June 2016. It completed SSAE 16 Type 2 & ISAE 3402 Examination of its technology applications and related services in January 2015. The examination was performed by an independent audit firm. Completion of the SSAE 16 Type 2 & ISAE 3402 Examination indicates that selected Riskonnect processes, procedures and controls have been formally evaluated and tested. The company completed the SSAE 16 Type I Examination in June 2011 and is committed to maintaining its certifications annually.

This provides end-to-end third party attestation for our platform and everything we do for our clients, and is supplementary to the best-in-class assurance report available from our platform. Also, Riskonnect provides complete documentation of its related assurance reports providing full transparency to our prospects and clients.

Best Third party validation. Vital in Advanced Risk Management Solutions

We Take Compliance Seriously

HIPAA, PCI, DSS, SSAE16, AICPA, SOC, AICPA SOC2. Website Security Compliance Logos: Internet security part of risk management

Additional Security & Certifications

In addition to third-party platform certifications of its platform provider, Riskonnect provides third-party assurance of its risk technology applications and related services. The SSAE 16 Type 2 & ISAE 3402 Examination (which replaced SAS70 as of June 2011) attests that Riskonnect has established control objectives covering the following areas: physical and environmental security; computer operations, including backups and incident handling; information security; application change control; data communications; business intelligence; and receipt, input, output and processing of data.

These examinations confirm that our security meets the latest industry standards. Riskonnect’s technical operations are truly best in class in the risk management market.

Independent audits confirm that Force.com security goes far beyond what most companies have been able to achieve on their own. Using the latest firewall protection, intrusion-detection systems, and SSL encryption, Force.com gives you the peace of mind only a world-class security infrastructure can provide.

Take Riskonnect for a Test Drive

Discover why we're the leaders in Integrated Risk Management by scheduling a demo today!

Want to learn more about Riskonnect and our awesome products? Great! Fill out the form below and we'll contact you as soon as possible.

Want to learn more about Riskonnect and our awesome products? Great! Fill out the form below and we'll contact you as soon as possible.

Request Your Free Riskonnect Demo

Pin It on Pinterest