PhishingBox knows that vendor due diligence is critical in selecting a service provider. As such, PhishingBox has developed the Trust Center to outline its key security and compliance practices. From the Trust Center, you can access the Security Summary, General Data Protection Regulation (GDPR) compliance items, and other key policies and information.
In the current environment, vendor due diligence is a must when outsourcing services. Any organization should thoroughly review its service providers to ensure that they have implemented sound information security and privacy practices. To help organizations evaluate PhishingBox, we have created a Trust Center to organize key components of our security and compliance practices and certifications.
Clients and prospects have access to the PhishingBox Security Summary, General Data Protection Regulation (GDPR) compliance items, and other key policies and information from the Trust Center.
Security Summary: The Security Summary provides an overview of PhishingBox's key security practices. The summary is similar to the description of controls within SOC reports.
SOC Audit: PhishingBox has a SOC Audit conducted at least annually. These audits provide independent, third-party verification of PhishingBox's security controls.
GDPR Compliance: As a data processor for clients worldwide, PhishingBox must provide a GDPR-compliant platform. Our GDPR section highlights critical aspects of GDPR, including a data processing addendum.
Cloud Security Alliance (CSA): The CSA has become a premier standard for documenting cloud provider controls. PhishingBox has adopted the CSA STAR program and has made our Diligence document available to partners and clients.
Policies: Essential policies, such as PhishingBox's Privacy Policy, are accessible from the Trust Center.
If you need additional information for conducting your due diligence, we are here to help. Contact your account manager or email us at support@phishingbox.com.