Here at SentryBay we take IT security very seriously. As a provider of security software solutions we recognize the importance of securing our data and that entrusted to us by our customers.
SentryBay maintains ISO 27001:2022 certification by establishing policies and controls to enable, monitor and ensure the Confidentiality, Integrity, and Availability of all information assets under our control. SentryBay’s Security and Compliance team ensures we continue to adhere to the principles and standards set forth in this international standard.
SentryBay’s policies, procedures and working practises deliver excellence by getting the basic IT security principles right.
SentryBay promotes a culture of security through training and awareness programs to reduce human error. Techniques: Regular employee training and clear security policies.
We ensure that data is accessible only to authorized individuals or systems with a legitimate business need with access granted based on the principle of least privilege. Techniques: Encryption, Role Based Access Controls and strict authentication processes.
SentryBay uses multiple layers of security controls to protect against threats at different points in system architecture. Techniques: Firewalls, intrusion detection/prevention systems (IDS/IPS) and endpoint protection.
Security considerations are at the forefront of design and development of all SentryBay systems and applications. Techniques: Secure coding practices, threat modeling during development and rigorous testing.
We monitor systems for anomalies, vulnerabilities and threats to enable a quick response and to highlight areas for continous improvement. Techniques: Security Information and Event Management (SIEM), network monitoring and automated alerts.
Identifying, assessing and mitigating risks to minimize the potential impact of threats. Techniques: Regular security assessments, threat modeling and vulnerability scanning.
At SentryBay we are committed to protecting the privacy and security of the personal data entrusted to us by our employees and customers. SentryBay complies with all applicable laws and safeguards the rights of individuals.
We collect data based on specific product requirements. Any data collected is limited and detailed in the privacy policy for that specific product.
All data collected is for legitimate business purposes and is processed lawfully and transparently, ensuring it is relevant and limited to what is necessary for the intended purpose.
All data stored at SentryBay is encrypted at rest regardless of storage method.
SentryBay uses TLS 1.2 or higher everywhere data is transmitted through public networks Server TLS key policies and certificates are managed by AWS Certificate Manager and attached to our Application Load Balancers.
Encryption keys are managed via AWS Key Management System (KMS). KMS stores key material in Hardware Security Modules (HSMs), which prevents direct access by any individuals, including employees of Amazon and SentryBay. The keys stored in HSMs are used for encryption and decryption via Amazon’s KMS APIs.
Application secrets are encrypted and stored securely via AWS Secrets Manager and Parameter Store, and access to these values is strictly limited.
We look forward to hearing from you:
+44 203 478 1300 [UK]
+1 415 969 9691 [USA]
www.sentrybay.com
SentryBay, 20 Little Britain, London, EC1A 7DH, UK
SentryBay, 1 Sansome St, San Francisco, CA 94104, USA
For more information about our solutions and the opportunity to chat to our expert team, please complete the form below.
