Organizational Security

Titan takes data security very seriously.  Find more information regarding our practices below.


Information Security Program

  • We have an Information Security Program in place that is communicated throughout the organization. Our Information Security Program follows the criteria set forth by the SOC 2 Framework. SOC 2 is a widely known information security auditing procedure created by the American Institute of Certified Public Accountants.
  • Our Information Security Program is also compliant with the Payment Card Industry Data Security Standard (PCI-DSS). PCI-DSS is the information security standard set by the major credit card brands for organizations that handle credit card data.

Third party Audits

  • We have an Information Security Program in place that is communicated throughout the organization. Our Information Security Program follows the criteria set forth by the SOC 2 Framework. SOC 2 is a widely known information security auditing procedure created by the American Institute of Certified Public Accountants.
  • Our Information Security Program is also compliant with the Payment Card Industry Data Security Standard (PCI-DSS). PCI-DSS is the information security standard set by the major credit card brands for organizations that handle credit card data.

Penetration Testing

  • We perform an independent third-party penetration at least annually to ensure that the security posture of our services is uncompromised. This allows you to know we are doing everything we can to secure your business from attacks by actively pursuing outside and new technologies and vendors to maximize our security posture and compliance.

Employees

  • Roles and responsibilities related to our Information Security Program and the protection of our customer’s data are well defined and documented. Our team members are required to review and accept all of the security policies at the time of hire and annually thereafter.
  • Our team members are required to go through employee security awareness training covering industry standard practices and information security topics such as phishing and password management.
  • All team members are required to sign and adhere to an industry standard confidentiality agreement prior to their first day of work.
  • We perform background checks on all new team members in accordance with local laws.

Data Hosting Security

Data Encryption

  • We employ Encryption in transit and at rest for Customer data as well as data hosted on your behalf.
  • All drives storing customer data are encrypted. In addition data is sharded throughout multiple computers and datacenters making data theft due to physical drive theft theoretically impossible to perform.
  • Data in transit uses TLS 1.2 at a minimum with 1.3 preferred. Titan Cloud Storage regularly reviews encryption technologies to maintain pace with best practices.

Systems Monitoring

  • We perform vulnerability scanning of all IT assets and actively monitor for threats. In addition to our own vulnerability scanning, we have a third-party perform vulnerability scans to ensure we are secure. We also receive notifications of any new vulnerabilities from the Cybersecurity and Infrastructure Security Agency which helps in the quick identification and remediation of risks.
  • We actively monitor and log all systems for performance and security purposes. Our goal is to identify, respond, and remediate any issue as quickly as possible to reduce impact to customers.
  • We have a process for handling information security events which includes escalation procedures, rapid mitigation and communication. We contract with a cybersecurity company to provide emergency support to our internal IT security team in the event of a security incident.
If you have any questions, comments or concerns or if you wish to report a potential security issue, please contact sec.ops@titancloudstorage.com.
Titan Cloud Storage crossmenu