{"id":16728,"date":"2021-11-18T16:41:08","date_gmt":"2021-11-18T21:41:08","guid":{"rendered":"https:\/\/sourcepoint1.wpengine.com\/?page_id=16728"},"modified":"2024-03-08T12:36:40","modified_gmt":"2024-03-08T17:36:40","slug":"trust-and-security","status":"publish","type":"page","link":"https:\/\/sourcepoint.com\/trust-and-security\/","title":{"rendered":"Trust and Security &#8211; EN"},"content":{"rendered":"<style>\n\/* one column block *\/\n#first-block-margin{ \n\twidth:100%; height:450px}\n#default-content-block {\n\tfont-family: 'Open Sans', sans-serif;\n\tbackground-color:#ffffff;\t\tmax-width: 1236px; margin: 0 auto;\n\t}\n#default-content-block > #inner-block {\n\t\t\t\t\tmax-width: 1040px; margin: 0 auto;\n\t}\n#default-content-block p {\n\tfont-size: 18px;\n\tline-height: 26px;\n\t\n}\n#default-content-block div {\n\tmargin: 0 auto;\n}\n#default-content-block > div > p {\n\tmargin: 30px 0\n}\n#default-content-block > div > a {\n\ttext-decoration: none\n}\n<\/style>\n<div id=\"first-block-margin\"><\/div>\t\n<section id=\"default-content-block\">\n\t\t\n\t<div id=\"inner-block\" class=\"block-y-padding\">\n\n\t\t\t\t<h2>TRUST &#038; SECURITY<\/h2>\n\t\t\t\t\t\t<h1><\/h1>\n<p><a href=\"https:\/\/sourcepoint.com\/vertrauen-und-sicherheit\/\">Deutsch<\/a> | <a href=\"https:\/\/sourcepoint.com\/confiance-et-securite\/\">Fran\u00e7ais<\/a><\/p>\n<p><span style=\"font-weight: 400;\">The following outlines Sourcepoint\u2019s approach to privacy, security and compliance for the Sourcepoint portfolio of products. Included are details of\u00a0 our privacy and security practices including our organizational and technical controls to protect confidentiality, integrity, availability, and resilience\u00a0 of corporate and customer data.\u00a0<\/span><\/p>\n<p>&nbsp;<\/p>\n<h2><b>Dedicated Team\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Sourcepoint\u2019s Chief Privacy Counsel and Information Security Director bring an excess of thirty five years of professional experience and are\u00a0 committed to ensuring Sourcepoint maintains a culture of Privacy and Security beyond mere compliance.\u00a0<\/span><\/p>\n<h2><b>Training and Awareness\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Security and privacy awareness are conducted at least once per calendar year. Sourcepoint staff participate in training as part of onboarding and\u00a0 as often as quarterly thereafter. Specialized role-based training is provided for key stakeholders including, but not limited to, software developers\u00a0 and senior leadership.\u00a0<\/span><\/p>\n<h2><b>Vulnerability and Patch Management\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Sourcepoint\u2019s vulnerability and patch management program consists of annual penetration testing conducted by independent third party, network\u00a0 and application vulnerability scanning, and monthly patching of high and critical severity vulnerabilities.\u00a0<\/span><\/p>\n<h2><b>Malware Prevention\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">User endpoints are configured to run with corporate approved anti-malware solutions that are regularly updated. <\/span><\/p>\n<h2><b>Logging and Monitoring\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Except where adherence to regulatory guidelines suggests otherwise, logs from production systems are retained for a minimum of 90 days. Logs\u00a0 are protected from unauthorized access, alteration or destruction. Logs are periodically reviewed and configured to generate alerts when\u00a0 immediate mitigation may be necessary.\u00a0<\/span><\/p>\n<h2><b>Incident Management\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Sourcepoint has a documented Incident Response program that includes at least annual training of all staff on their responsibilities to report\u00a0 security weaknesses and vulnerabilities. The process provides guidance on notification requirements for customers that will meet or exceed all\u00a0 regulatory requirements.\u00a0<\/span><\/p>\n<h2><b>Access control\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The principles of least privilege and need to know access form the foundation of the Sourcepoint access control practices. Strong authentication\u00a0 including multi-factor authentication, breached password detection and quarterly access reviews, minimize the chance for unauthorized access to\u00a0 protected resources.\u00a0<\/span><\/p>\n<h2><b>Third party risk management\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Sourcepoint vendors and suppliers are evaluated in accordance with Sourcepoint\u2019s security and privacy standards, always considering use cases\u00a0 and data accessed or processed. Sourcepoint will only conduct business with vendors or suppliers who can meet these standards.\u00a0<\/span><\/p>\n<h2><b>Software development\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Sourcepoint utilizes an agile software development methodology where the phases include Design, Development, QA and Deployment. All\u00a0 application code is peer reviewed for quality and security. Web applications developed with secure coding best practices including, but not limited\u00a0 to, preventing the OWASP Top 10 application security risks. Production and non-production environments are logically and\/or physically\u00a0 segregated.\u00a0<\/span><\/p>\n<h2><b>Change Management\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">All system, application or network changes at Sourcepoint are subject change management review and approval. All changes are evaluated for\u00a0 their value\/impact to the business and potential risk.\u00a0<\/span><\/p>\n<h2><b>Backups and Business Continuity\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">At least once per day full backups of databases are conducted. Backups are stored encrypted and retained for no more than thirteen months.\u00a0 Business Continuity plans are reviewed and tested at least once annually. Production environments are often hosted across multiple availability\u00a0 zones to ensure continuity of services should one zone or datacenter become unavailable.\u00a0<\/span><\/p>\n<h2><b>Third Party Attestation\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">As part of the ongoing commitment to support <\/span><b>customers with the highest level of information security and privacy management,\u00a0 Sourcepoint maintains certification to ISO\/IEC 27001 and 27701 standards, of which it is audited against annually.\u00a0<\/b><\/p>\n<h2><b>Data Minimization\/Retention\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Sourcepoint makes every effort to limit collection and retention of PII to the minimum elements required. Sourcepoint leverages anonymization\u00a0 and de-identification techniques to reduce the risk of unauthorized or unintended disclosure. PII is only retained for as long as required and in\u00a0 accordance with applicable regulatory guidelines.<\/span><\/p>\n<h2><b>Sourcepoint\u2019s Role as Processor\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Sourcepoint in its role as a Data Importer and Processor will process IP addresses for the purpose of determining the location of our clients\u00a0 property visitors. Processing of location information of client website visitors is strictly for the purpose of ensuring geographic specific messaging\u00a0 can be displayed. Client property visitors will be assigned a randomly generated UUID utilized for the purpose of mapping consent decisions only.\u00a0<\/span><\/p>\n<h2><b>Contact\u00a0<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">All security related inquiries should be directed to <\/span><strong>informationsecurity@sourcepoint.com <\/strong><span style=\"font-weight: 400;\">and privacy related inquiries should be directed to <\/span><strong>privacy@sourcepoint.com<\/strong><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p>&nbsp;<\/p>\n\t\t    <\/div>\n<\/section>\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":37,"featured_media":520,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_acf_changed":true,"footnotes":""},"class_list":["post-16728","page","type-page","status-publish","has-post-thumbnail","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.8 (Yoast SEO v27.8) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Trust and Security - EN - Sourcepoint<\/title>\n<meta name=\"description\" content=\"Read our Trust &amp; Security whitepaper to understand Sourcepoint\u2019s approach to privacy, security and compliance\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sourcepoint.com\/trust-and-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Trust and Security - EN\" \/>\n<meta property=\"og:description\" content=\"Read our Trust &amp; Security whitepaper to understand Sourcepoint\u2019s approach to privacy, security and compliance\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sourcepoint.com\/trust-and-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Sourcepoint\" \/>\n<meta property=\"article:modified_time\" content=\"2024-03-08T17:36:40+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/sourcepoint.com\\\/trust-and-security\\\/\",\"url\":\"https:\\\/\\\/sourcepoint.com\\\/trust-and-security\\\/\",\"name\":\"Trust and Security - EN - Sourcepoint\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/sourcepoint.com\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/sourcepoint.com\\\/trust-and-security\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/sourcepoint.com\\\/trust-and-security\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/sourcepoint.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/Header_normal_DDC_414x369px.png\",\"datePublished\":\"2021-11-18T21:41:08+00:00\",\"dateModified\":\"2024-03-08T17:36:40+00:00\",\"description\":\"Read our Trust & Security whitepaper to understand Sourcepoint\u2019s approach to privacy, security and compliance\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/sourcepoint.com\\\/trust-and-security\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/sourcepoint.com\\\/trust-and-security\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/sourcepoint.com\\\/trust-and-security\\\/#primaryimage\",\"url\":\"https:\\\/\\\/sourcepoint.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/Header_normal_DDC_414x369px.png\",\"contentUrl\":\"https:\\\/\\\/sourcepoint.com\\\/wp-content\\\/uploads\\\/2019\\\/09\\\/Header_normal_DDC_414x369px.png\",\"width\":414,\"height\":369},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/sourcepoint.com\\\/trust-and-security\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/sourcepoint.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trust and Security &#8211; EN\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/sourcepoint.com\\\/#website\",\"url\":\"https:\\\/\\\/sourcepoint.com\\\/\",\"name\":\"Sourcepoint\",\"description\":\"Privacy software for digital marketing\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/sourcepoint.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Trust and Security - EN - Sourcepoint","description":"Read our Trust & Security whitepaper to understand Sourcepoint\u2019s approach to privacy, security and compliance","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sourcepoint.com\/trust-and-security\/","og_locale":"en_US","og_type":"article","og_title":"Trust and Security - EN","og_description":"Read our Trust & Security whitepaper to understand Sourcepoint\u2019s approach to privacy, security and compliance","og_url":"https:\/\/sourcepoint.com\/trust-and-security\/","og_site_name":"Sourcepoint","article_modified_time":"2024-03-08T17:36:40+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/sourcepoint.com\/trust-and-security\/","url":"https:\/\/sourcepoint.com\/trust-and-security\/","name":"Trust and Security - EN - Sourcepoint","isPartOf":{"@id":"https:\/\/sourcepoint.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sourcepoint.com\/trust-and-security\/#primaryimage"},"image":{"@id":"https:\/\/sourcepoint.com\/trust-and-security\/#primaryimage"},"thumbnailUrl":"https:\/\/sourcepoint.com\/wp-content\/uploads\/2019\/09\/Header_normal_DDC_414x369px.png","datePublished":"2021-11-18T21:41:08+00:00","dateModified":"2024-03-08T17:36:40+00:00","description":"Read our Trust & Security whitepaper to understand Sourcepoint\u2019s approach to privacy, security and compliance","breadcrumb":{"@id":"https:\/\/sourcepoint.com\/trust-and-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sourcepoint.com\/trust-and-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sourcepoint.com\/trust-and-security\/#primaryimage","url":"https:\/\/sourcepoint.com\/wp-content\/uploads\/2019\/09\/Header_normal_DDC_414x369px.png","contentUrl":"https:\/\/sourcepoint.com\/wp-content\/uploads\/2019\/09\/Header_normal_DDC_414x369px.png","width":414,"height":369},{"@type":"BreadcrumbList","@id":"https:\/\/sourcepoint.com\/trust-and-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sourcepoint.com\/"},{"@type":"ListItem","position":2,"name":"Trust and Security &#8211; EN"}]},{"@type":"WebSite","@id":"https:\/\/sourcepoint.com\/#website","url":"https:\/\/sourcepoint.com\/","name":"Sourcepoint","description":"Privacy software for digital marketing","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sourcepoint.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/sourcepoint.com\/wp-json\/wp\/v2\/pages\/16728","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sourcepoint.com\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/sourcepoint.com\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/sourcepoint.com\/wp-json\/wp\/v2\/users\/37"}],"replies":[{"embeddable":true,"href":"https:\/\/sourcepoint.com\/wp-json\/wp\/v2\/comments?post=16728"}],"version-history":[{"count":0,"href":"https:\/\/sourcepoint.com\/wp-json\/wp\/v2\/pages\/16728\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sourcepoint.com\/wp-json\/wp\/v2\/media\/520"}],"wp:attachment":[{"href":"https:\/\/sourcepoint.com\/wp-json\/wp\/v2\/media?parent=16728"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}