Transform9 recognises that the confidentiality, integrity and availability of information and data created, maintained and hosted by us are vital to the success of the business and privacy of our partners.
As a service provider/product, we understand the importance in providing clear information about our security practices, tools, resources and responsibilities within Transform9 so that our customers can feel confident in choosing us as a trusted provider.
This Security Posture highlights high-level details about our steps to identify and mitigate risks, implement best practices, and continuously develop ways to improve.
Controls (44)
Here are the controls implemented at Transform9 to ensure compliance, as a part of our security program.
Product security (1)
Service Identification and Authentication
Data security (5)
Termination of Employment
Encrypting Data At Rest
Data Backups
Testing for Reliability and Integrity
Transfer of PII
Network security (4)
Limit Network Connections
External System Connections
Transmission Confidentiality
Anomalous Behavior
App security (1)
Conspicuous Link To Privacy Notice
Endpoint security (4)
Malicious Code Protection (Anti-Malware)
Full Device or Container-based Encryption
Endpoint Security Validation
Endpoints Encryption
Corporate security (29)
Code of Business Conduct
Organizational Structure
Roles & Responsibilities
Security & Privacy Awareness
Performance Review
Automated Reporting
Incident Reporting Assistance
Third-Party Criticality Assessments
Assigned Cybersecurity & Privacy Responsibilities
Internal Audit using Sprinto
Periodic Review & Update of Cybersecurity & Privacy Program
Management Review of Org Chart
Management Review of Risks
Management Review of Third-Party Risks
Subservice organization evaluation
Segregates Roles and Responsibilities
Subprocessor Requirements
Data Protection Officer (DPO)
EU Representative
Testing
Customer Obligations
Retention of Policies
Chief Privacy Officer (CPO)
Asset Ownership Assignment
Incident Management by Service Providers
New Hire Security & Privacy Training Records
Periodic Security & Privacy Training Records
Updates During Installations / Removals
Inventory of Endpoint Assets
