Skip to main content

Security

Overview

Facilisgroup LLC respects our partners’ privacy and keeping data protected is a top priority!

This page provides a high-level overview of the data protection controls in place. Should you have any questions or feedback, please contact us at infosec@facilisgroup.com.

Data Protection

Facilisgroup LLC takes reasonable steps to protect your personal information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. However, the safety and security of your information also depends on you.

Where Facilisgroup LLC has given you (or where you have chosen) a password for access to certain parts of our website, you are responsible for keeping this password confidential. We ask that you never share your password with anyone.

Additionally, the transmission of information via the internet is not completely secure. Although Facilisgroup LLC have implemented measures designed to protect your personal information, we cannot guarantee the security of your personal information transmitted to our website. Any such transmission is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the website.

Network Security

Facilisgroup LLC’s environment is restricted to authorized personnel, with high availability architecture and continuous monitoring in place.

Facilisgroup LLC’s platform, data and server security are provisioned by a mix of hosted as well as Microsoft Azure environments. Microsoft carries numerous certifications, including SOC 2 and ISO 27001. You can get additional details from Microsoft directly here:

Network Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are in place at application ingress and egress points to detect, prevent and mitigate potential security events.

Facilisgroup LLC leverages a layered approach to data loss prevention on endpoint, and cloud using next-gen security tools in combination with traditional approaches.

Application Security

All data is encrypted. Internet communications or data in transit is secured via Secure Hypertext Transfer Protocol (HTTPS) using Transport Layer Security (TLS). Customer data at rest is secured using Advanced Encryption Standard (AES).

Development environments are completely separated from the production environment.

All customer data is segregated and can only be accessed by designated individuals who have been assigned unique credentials and privileges.

An independent third party performs periodic web and network penetration tests on the production environment.

Operational Security

Facilisgroup LLC has documented incident response and disaster recovery plans to support all business continuity management needs for the organization. Changes to production are subject to documented testing, validation and approval.

All servers and workstations have endpoint protection. Patching and maintenance is done weekly or sooner as determined by criticality.

You can follow in real time the status of our Syncore service here. 

Security Compliance

Facilisgroup LLC is actively the pursuing the American Institute of Certified Public Accountants (AICPA) SOC 2 (System and Organization Controls) certification.

There is a dedicated Information Security team responsible for enhancing and implementing appropriate security controls across the organization and all information systems, both internal and external.

All personnel with access to Facilisgroup LLC data and information systems are required to successfully complete background and criminal checks, agree to confidentiality agreements and attend security awareness training at on boarding as well as annual refresher courses to ensure all personnel are aware of existing and emerging cyber threats.