How does RapidRatings secure client data?
RapidRatings deploys a robust set of security protocols and processes to protect client data and the data of their counter parties. RapidRatings operates an information security management systems designed to the best practices outlined in ISO27001:2013. This ensures a comprehensive and robust set of controls protect your data and we are audited to this standard twice per year by independently certified auditors. Additionally, RapidRatings obtain an annual SOC2(r) Type 2 audit report from a different independent auditor, ensuring that our processes and control design meet that standard also. RapidRatings are compliant with EU General Data Protection Regulation (GDPR).
Security Practices
- Your data is NEVER shared without your express consent.
- Only authenticated users may access their data.
- Our multi-tenant service is built from the ground up with segregation of data in mind, so another client cannot see your data unless you explicitly share it with them.
- All of your data is encrypted at rest and in transit using the latest and best encryption algorithms.
- Only authorized RapidRatings personnel may access or process your data.
- Our suppliers and third parties have no access to your data.
- RapidRatings are fully compliant with the EU General Data Protection Regulation – your data privacy rights are assured.
Assurance
- RapidRatings is ISO 27001:2013 certified and GDPR compliant.
- Our cloud infrastructure is hosted on Amazon AWS, which is certified compliant to all primary industry frameworks.
- Type 1: This attestation by an independent auditor is a report of the quality of design of the information security and controls in place at RapidRatings.
- Type 2: This attestation by an independent auditor is a report of the effectiveness of operation of the information security controls in place at RapidRatings. RapidRatings engages our third party auditors to carry out this examination and prepare this report once per year.
Integrity
- Your data integrity is assured with best of breed backup, replication, auditing and monitoring processes.
- Your data can only be accessed or changed using our robust platform and our rigorous software testing policy ensures that data corruption due to bugs is virtually eliminated.
Availability
- RapidRatings operate to a 99.5% availability target.
- Using Cloud infrastructure, all services are deployed on high-availability, massively scalable multi-node clusters across multiple data centers.
- Additionally, our service can be completely recovered to an alternate region in a very short space of time.
Threat and vulnerability management
- All systems are continuously monitored and protected with best of breed Intrusion detection and prevention.
- All releases to our cloud platform are rigorously penetration tested, subjected to static code vulnerability analysis and peer reviewed prior to release.
- We engage independent security experts to penetration test the application and infrastructure annually to additionally validate these controls.