Security at Curant‍

Last Updated January 1, 2023

‍

Learn our approach to security

‍

Introduction:

The following security policy outlines the measures implemented by our Freight Payment Solutions DBA Curant to safeguard against unauthorized access to our systems and data. Our security policy is designed to comply with industry standards and regulations, as well as protect our client's confidential information.

Encryption:

Our company uses multiple encryption methods to secure all data transmitted through our network. We use Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols to encrypt data in transit. We also enforce the use of Hypertext Transfer Protocol Secure (HTTPS) for all web-based communication. Additionally, we use the Advanced Encryption Standard (AES-256) algorithm to encrypt all data at rest.

Access Controls:

Access controls are implemented throughout our systems to ensure that only authorized personnel have access to our systems and data. We enforce strong password policies, multi-factor authentication, and role-based access controls to ensure that access is only granted to personnel with a legitimate need to access our systems and data.

Data Protection:

Our company employs data protection measures to prevent unauthorized access, disclosure, alteration, and destruction of data. We have implemented data backup and recovery procedures to ensure that data is recoverable in the event of data loss or corruption. We also enforce data retention policies to ensure that data is kept only for as long as necessary.

Third-party Vendors:

Our company works with third-party vendors to provide certain services to our clients. We require all third-party vendors to comply with our security policy and implement appropriate security measures to safeguard data entrusted to them.

Our vendors include:

Stripe, Dwolla, Plaid, DigitalOcean, AWS, VGS

Employee Training:

All employees of our company undergo security awareness training to ensure that they understand the importance of data security and the role they play in safeguarding our systems and data. We also require employees to report any suspicious activity or security incidents immediately.

Conclusion:

Our company takes data security seriously and implements multiple measures to safeguard against unauthorized access, disclosure, alteration, or destruction of data. We regularly review and update our security policies and procedures to ensure that we are compliant with industry standards and regulations, and that we are prepared to respond to security incidents.