Our Dedication to Your Peace of Mind
At Syncron, we recognize the importance of protecting assets, products, and customer data. We are dedicated to delivering sophisticated products and services without compromising security. From comprehensive access controls and regular security assessments to staff training and incident management protocols, we strive to ensure confidentiality, integrity, and availability of information. In doing so, we create a safe and secure environment for our employees, customers and partners, allowing us to focus on helping you transform and connect your aftermarket service lifecycle.
Protecting Our Customers and Their Data
Syncron Security uses a combination of physical, technical and administrative controls to mitigate risks and enhance overall security. We have a modern and resilient infrastructure built on Amazon Web Services (AWS). Our Connected Service Experience (CSX) platform and products feature comprehensive technical controls, including firewalls, intrusion detection systems, encryption protocols and regular software updates. Security controls and features also include:
Authentication
Authentication is available through configurable policies for strong passwords as well as support for single sign-on via SAML 2.0.
Access Control
We implement strict access control measures to safeguard data. Syncron follows the principle of least privilege, ensuring that only authorized personnel have access to sensitive information.
Data Encryption
Data at rest and in transit is encrypted using industry-standard protocols. These protocols ensure that sensitive information remains secure and protected from unauthorized access.
Audit Logging and Monitoring
Audit logging is enabled for sensitive events and entities by default, such as login history, administrative activity, and permissions. Investigators can analyze audit logs and configure settings for other users.
High Availability
The Syncron platform has high availability with redundant systems and an uptime service level promise of 99.5%. Several live copies of databases store data in separate data centers with automated failover.
Beyond technical controls, Syncron employs administrative controls that involve policies, procedures and employee training to ensure security awareness and compliance. Syncron also incorporates physical controls for access control, surveillance, and secure perimeters.
Syncron operations and products are vetted annually by a third party for SOC 2 and ISO 27001 compliance.
A Robust Infrastructure
The Syncron infrastructure is built on AWS, a leading cloud service provider known for its high-security standards. With AWS, we ensure a solid foundation that prioritizes data security.
A Proactive Approach
Syncron undergoes routine security audits and assessments to identify and address any vulnerabilities promptly. We continuously improve our security practices by staying proactive and ensuring our systems are updated with the latest security standards.
Ongoing Training for Up-To-Date Support
We invest in regular training and awareness programs for our employees to keep them abreast of best security practices. Ongoing training and awareness helps foster a security-conscious culture within our organization, ensuring that data at Syncron gets handled with utmost care.
Your Privacy, Respected
Choice of Data Center Location
Your instance of Syncron can be hosted in Europe, Asia or the United States, depending on your preference. Your data never leaves your data center’s region.
Compliance With Data Protection Regulations
Syncron supports customer compliance with European and North American data privacy regulations via selective data location and protection agreements. We adhere to industry-specific compliance standards and regulations to protect customer data. Our commitment to compliance ensures that your information is handled with care and in accordance with applicable laws and regulations.
Commitment to GDPR Compliance
Syncron is committed to compliance with GDPR across its cloud services. We take GDPR compliance seriously and prioritize your privacy.
Full Data Ownership
Each customer owns their data and can opt to remove it at any time.
No Advertising
We do not scan your data for building analytics, data mining or advertising.
Compliance Certifications and Ratings
SOC 2 Compliance
System and Organization Controls (SOC) 2 Type II report is an independent, third-party examination demonstrating how Syncron achieves key compliance controls and objectives pertaining to security, availability, and confidentiality. Talk to your customer success manager for more information or to see the full report.
Certified Information Security
Syncron is ISO certified to ensure conformance and customer trust in our services and operations, which conform to international standards. Syncron operates with one integrated management system, fulfilling the standards of ISO 27001:2022 and ISO 27017.
Skyhigh Enterprise-Ready Certified
Syncron is rated enterprise-ready by Skyhigh, indicating that the Syncron platform satisfies the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.
UK Government G-Cloud Framework Compliant
The G-Cloud framework enables public bodies to procure commodity-based, pay-as-you-go cloud services on government-approved, short-term contracts through an online catalog. As a G-Cloud supplier for the UK public sector, Syncron offers services pursuant to the G-Cloud procurement process.
Trusted, Third-Party Data Centers
Syncron uses the AWS infrastructure for its cloud service. The AWS infrastructure carries ISO 27001 certification and SOC 1/2/3 attestation, among other industry certifications, alignments and frameworks.
Penetration Testing and Continuous Monitoring
Annual penetration tests are performed by independent third parties to verify the security of the infrastructure and its applications. Weekly network scans run against the entire public IP range to test open ports and running services. Quarterly internal and external vulnerability scans performed against Syncron systems.