At vCIOToolbox we consider security, privacy, and compliance as key considerations when choosing a SaaS provider. We are fully committed to protecting all the data users enter and share within vCIOPro. It is our objective to reduce and mitigate the risk of data breaches and secure your intellectual property.
Application Availability & Continuity
The application is hosted in a High Availability, Fault Tolerant system and block changes are shipped to our Baltimore location where we have a cold standby configuration that can resume operations in <15 minutes of a declared disaster event.
EU-US Privacy Shield
The privacy shield covers issues relating the collection, use, and retention of any and all personal information from the EU and Switzerland. vCIOToolbox follows all key Privacy Shield Principles for data handling and transfer.
industry-standard technologies to secure customer data and prevent unauthorized access. These systems are continuously monitored.
In the event of a security breach we follow and internal incident response protocol. Our team will communicate with affected customers via email, sharing updates and addressing impact in the shortest interval possible.
Our internal policy includes full disk encryption for all development environments, use of strong credentials and adherences to our Written Information Security Policy (WISP) and our incident reponse policy.
Additionally, all vCIOToolbox employees pass a pre-employment background check, and complete regular security awareness training.
All vCIOToolbox customers share a common user interface (UI) with seperate distinct database instances for each subscribing company.
PSA (ConnectWise and Autotask) requires and recommends that only read-level access be granted. And any data retrieved from cloud providers is always retrieved using read-only requests (e.g., GET for REST APIs).