Security is our business.
We know it's important.
We understand that you put a lot of trust into your vendors. At PhishingBox, we are serious about security. Our business is built on security. As such, we have implemented security and privacy measures to provide a safe and secure application.
To help with your vendor due diligence process, we are including a summary of security and privacy information here. If you need additional information, please contact us directly.
Security is our business.
As a trusted vendor, we understand your need to maintain a secure environment. Our information security program is an ongoing process. We have developed controls and these controls are audited or tested on a regular basis.
U.S. President Ronald Regan said, “Trust but verify”. So, you do not have to take our word for it as we have external audits conducted. Annually, we have a third-party audit firm conduct a SOC audit. A SOC report is an independent review from a CPA firm on the controls at a Service Organization relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy. These reports are intended to meet the needs of a broad range of users that need detailed information and assurance about the controls at a service organization.
Many of our clients are required to comply with the General Data Protection Regulations (GDPR). Our GDPR preparations have included a comprehensive review of relevant internal processes, procedures and documentation. Additionally, we have and continue to actively develop and implement data protection policies, procedures, controls and security measures for GDPR compliance.
European Union Instance
PhishingBox maintains processing and hosting facilities within the European Union. Customers can select to use this instance if they do not want their data to be processed on system within the United States. The PhishingBox EU instance maintains the same controls structure as the systems within the United States.
CSA STAR Program
The Cloud Security Alliance (CSA) is a global organization that outlines best practices for secure cloud computing. The CSA has developed standardized security practices and questionnaires to help streamline vendor due diligence for software as a service vendors. PhishingBox has adopted these practices to provide a standardized response to most vendor due diligence questions.The CSA Star Program
We understand the importance of uptime for a system. As such, we have implemented an informational status page which is an independent platform showing the current status of the various PhishingBox solutions. If there are any present disruptions, notices will be included on this page.