We’re committed to earning and maintaining Partner and Customer trust by focusing on six key principles:
We respect your privacy and handle data with integrity. We don’t sell data.
We give you ownership and put you in control of your personal information.
We are transparent about data collection and use so you can make informed decisions.
We protect the data you entrust to us with strong, industry-leading security.
We respect your local privacy laws and regulations.
When we do collect data, we use it to benefit you and improve your experiences.
Facilities - Snap One servers are hosted at Tier IV or III+, SSAE-16, PCI DSS, or ISO 27001 compliant facilities. Data center facilities are powered by redundant power, each with UPS and backup generators.
On-site Security - Our data center facilities feature a secured perimeter with multi-level security zones, CCTV video surveillance, physical locks, and security breach alarms.
Monitoring - Production network systems, networked devices, and circuits are continuously monitored and logically administered by staff. Physical security, power, and internet connectivity for cloud-provided services are proactively managed and monitored by the managed services providers. On a routine basis, we evaluate cloud provider compliance and SOC compliance audits.
Dedicated Security Team - Our Security Team is on call 24/7 to respond to security alerts and events.
Protection - Our network is protected by redundant firewalls, secure HTTPS transport over public networks, regular audits, and network Intrusion Detection and/or Prevention technologies (IDS/IPS), which monitor and/or block malicious traffic and network attacks. For internal networks, we leverage IEEE standard 802.1X for wired and wireless network authentication.
Architecture - Our network security architecture consists of multiple security zones. More sensitive systems, like database servers, are protected in our most trusted zones. Other systems are housed in zones commensurate with their sensitivity, depending on function, information classification, and risk. Depending on the zone, additional security monitoring and access controls will apply. DMZs are utilized at the Internet boundary and internally between the different zones of trust.
Network Vulnerability Scanning - We leverage network security scanning that provides deep insight and quick identification of out-of-compliance or potentially vulnerable systems.
Threat Intelligence Program - Snap One participates in threat intelligence sharing programs. We monitor threats posted to these threat intelligence networks and proactively take action based on our risk and exposure.
Security Incident Response - In case of a system alert, events are escalated to our 24/7 Incident Response Team, who are trained on security incident response processes, including communication channels and escalation paths.
Penetration Testing - We conduct annual third-party penetration tests along with quarterly internal penetration tests.
Uptime - Snap One maintains a system-status log which includes system availability details, scheduled maintenance, service incident history, and relevant security events.
Redundancy - Snap One employs service clustering and network redundancies to eliminate single points of failure. Our strict backup regime ensures Service Data is actively replicated across primary and secondary DR systems and facilities. Our co-location databases are stored on efficient Flash Memory devices with multiple servers per database cluster.
Disaster Recovery - Our Disaster Recovery (DR) program ensures that services remain available, and in the event of a disaster are recoverable to ensure smooth operations with minimal downtime. We have formal disaster recovery plans that are maintained and kept current as our environments expand and grow.
Email Protection - We leverage next-generation email protection. Our solution is AI and machine learning-based and has an event detection and response team that provides oversight 24/7/365. Our solution ensures that embedded links and attachments are valid and secure. In addition, our solution guards against impersonation and phishing attempts.
End-Point Protection - We leverage next-generation end-point protection on laptops, Macs, and servers. This next-gen solution is cloud-based and operates 24/7/365 to protect against malware and other threats. Our solution proactively identifies unauthorized systems and applications and provides real-time alerts on the use of privileged credentials. The platform identifies attacks and stops breaches 24/7 with a team of experts that proactively hunt, investigate, and advise on threat activity in our environment.
Awareness Program - Our cybersecurity team conducts routine awareness communications to all employees throughout the year. Updates on cybersecurity programs and employee best practices are shared via employee communication programs sponsored by our cybersecurity team.
Information Security Policy - Our cybersecurity and risk management teams maintain a comprehensive set of cyber and information risk management policies that are communicated, monitored, and audited routinely. We also require employee attestation regarding the information security policy on an annual basis.
Learning Program - Our cybersecurity team put together a comprehensive information risk management learning program. This online training program is available to employees 24/7. Employees are required to take key modules each year. Our cybersecurity team spotlights modules throughout the year in company newsletters and shares current insights into the world of cybersecurity, to focus on what each employee can do to protect our company and our customers.
Software Scanning/External Reviews - Static code scans are routinely performed, and external source code reviews are conducted on a regular basis to look for and remediate potential vulnerabilities.
IP-Based Products - We regularly conduct cybersecurity-based vulnerability tests of our IP-based products. These are performed by an independent third-party cybersecurity company.