A Rigorous Approach to Information Security
At MaritzCX we are committed to the highest security standards for customer data and the systems used to manage that data. Our Systems Operations and Information Security experts are constantly working to ensure our customers receive the best user experience in the safest environment. This is accomplished by continually assessing risks and improving the security, confidentiality, integrity, and availability of our systems.
Heightened Information Management Security
Demonstrating our continued commitment to maintain the highest standards in security for our customers, we are committed to security standards that protect our customers data and have established our security policies based on the ISO 27001 framework. These standards are regularly reviewed and enforced by our internal security experts and verified by external experts. Our Information Security Management System and product platform are ISO 27001 certified. In addition to ISO 27001 standards, our Information Security Framework is based on NIST 800-35 standards to ensure we meet SOC 1&2, FedRamp, HIPPA/HITRUST, and Gramm-Leach Bliley standards. The MaritzCX Platform is also designed with multiple layers of protection, covering data transfer, encryption, network configuration, access controls, and application level controls, all distributed across a secure architecture.
All security and compliance controls are supported by our Chief Information Security Officer and certified experts in information security, international privacy regulations, and process management. Our technical solutions are supported by a comprehensive training program for employees, interns, and contractors that includes mandatory new hire and annual training as part of a comprehensive Risk and Compliance Program.
Multiple Layers of Protection
We support virtualized, load balanced, and shared web and application processing systems. All data in transit is encrypted. HTTP over Transport Layer Security (TLS) is used for data transfer, creating a secure tunnel protected by 256-bit or higher Advanced Encryption Standard (AES encryption). Encryption of data at rest is available to customers who desire an added layer of protection. In addition to powerful data security processes and encryption, we diligently ensure the security of our backend network through monitoring techniques that provide multiple layers of protection and defense, including firewalls, network vulnerability scanning, network security monitoring, and intrusion detection.
Comprehensive Privacy and Data Protection
All of our systems meet or exceed applicable GDPR requirements. Client consultations are scheduled as necessary to help each organization understand how we support their privacy responsibilities. For more information about GDPR compliance, please see the MaritzCX GDPR web page.
Global Data Center Management
We offer data center locations worldwide, in three key markets: Europe, the United States, and Australia. Each of these locations includes a secondary backup site within the same geographic region. We do not transfer data between data centers, nor do we transfer client data beyond the designated borders, unless instructed to do so by a client. Each third-party hosting provider is SOC, ISO, PCI, HIPPA, and Gramm-Leach-Bliley compliant. Locked racks, closed circuit cameras, biometric readers, and card access, along with additional offsite monitoring, all combine to secure each MaritzCX data facility.
Blocking Potential Vulnerabilities
Our MaritzCX security experts regularly perform automated and manual application security testing to identify potential security vulnerabilities on desktop, web, and mobile applications. This ensures risks are mitigated and eliminated, protecting customer data within the platform. These groups conduct regular application, network, and other security penetration testing to ensure the security of all MaritzCX systems. We also contract with third-party providers to perform ongoing vulnerability scanning and quarterly penetration testing of production systems at no cost to the customer.
The Most Trustworthy CX Platform
Platform, network, and data security protocols are fully integrated into the MaritzCX Platform, including Survey Builder, Dashboards and Reports, Text Analytics, and other applications to ensure customer data is shared in the most secure environment.