Security and
Compliance
Commitment to
Security
At Indeavor, protecting our Customer Data is a business-critical function and a core tenant of our operating model. For this reason, we constantly invest in our security processes and resource to assure we are not only offering a cutting-edge SaaS software solution but also delivering an end-to-end secure product.
Our philosophy is driven by the idea that we cannot just add security “on-top”, rather we have adopted a security by design paradigm.
Multiple controls have been designed and implemented for ensuring and maintaining security, availability, confidentiality, integrity, and privacy across all product lifecycle stages.
These internal controls include, but are not limited to vulnerability management, security monitoring and incident response, segregation of Customer data, access provisioning according to least privilege principle, vendor risk management, risk assessment, physical security, change management, network and systems security, encryption of data at rest and in transit, penetration testing, secure software development lifecycle, disaster recovery and data backup, information security awareness training for our employees.


Maintaining
Compliance
To provide assurance to its stakeholders, Indeavor has engaged with an independent auditor to attest that the product offering meets trust criteria of SOC 2 Type 1 compliance, established by the American Institute of Certified Public Accountants (AICPA).
In addition, Indeavor service has been successfully assessed for GDPR compliance.
To maintain transparency with our customers, the following documents are available upon request* (NDA signage is required):
- SOC 2 Type 1 Report
- GDPR compliance report
*To request, kindly email ciso@indeavor.com