Seven Corners
Information Security
Seven Corners information systems are located in Microsoft Azure, one of the largest and most robust data center systems in the world, offering best-in-class security and reliability.
Security and Compliance
As part of our commitment to the safety of our customer and partner data, and because reliable, secure systems are our standard of excellence, we maintain the following standards and certifications:
- PCI DSS — Payment Card Industry Data Security Standards
- HIPAA — Health Insurance Portability and Accountability Act of 1996
- NIST 800-53 rev4 — Security and Privacy Controls for Federal Information Systems and Organizations
- GDPR — General Data Protection Regulation
Seven Corners follows best practices in all areas of security and compliance, including but not limited to:
- Risk Assessment
- Awareness and Training
- Security Assessment and Authorization
- Access Control
- Audit and Accountability
- System and Communications Protection
- Configuration Management
- Identification and Authentication
- Contingency Planning
- System and Information Integrity
- Personnel Security
- Incident Response
Business Continuity
Seven Corners maintains a multi-faceted approach to business continuity. Many of our production systems are in distributed geographies with response-time or geographic-based load balancing for performance and high availability. Other systems are maintained with warm spares in disparate geographies for maximum efficiency and minimal recovery times. Seven Corners also maintains a tiered backup strategy as governed by best practices, partner contracts, and applicable law. These backups are maintained in alternate geographic locations and are always secure in transport and cryptographically protected at rest. Seven Corners maintains an incident response procedure that includes multiple channels for both remediation and communication. This procedure is reviewed regularly.
Vulnerability Disclosure Policy
If you believe you have found a security issue with one of our products or services, please report the issue to security@sevencorners.com. Please describe the issue in detail, including (for example): the date and time when the issue was first discovered, details needed to reproduce the issue, and a Proof of Concept. Screenshots and videos can also be useful. We will attempt to respond to your report within 10 business days. We take these reports seriously, so we ask that you keep your findings confidential. Any publication of your findings prior to remediation of the issue may put personal information at risk.
