With the rise of high-profile cyber attacks and data breaches becoming more prevalent and sophisticated, people are increasingly aware of the threats that exist around data security. As a result, there is an expectation that companies maintain comprehensive security measures that protect their sensitive data.
As a digital wealth management platform company that provides advanced analytics and risk management, securing your data is essential to our services. We handle sensitive financial information and rely heavily on the trust of our clients, which can only be maintained through strict security measures and data protection protocols.
At d1g1t, safeguarding our clients’ sensitive financial information is of the utmost importance to us. We prioritize security and data integrity by implementing rigorous measures within our software and team processes to ensure confidentiality, availability, and security.
d1g1t’s SOC 2 Type II Certification
In May 2022, the d1g1t team achieved SOC 2 Type II certification for our wealth management platform. The System and Organization Control (SOC) 2 Type II certification is completed through an audit and report from the American Institute of Certified Public Accountants (AICPA). The SOC 2 report assesses security controls d1g1t has in place to address security, availability, and confidentiality. This certification ensures secure and confidential data management for clients by SaaS providers.
To achieve SOC 2 Type II certification, a company must demonstrate that it has implemented appropriate security and data protection controls over the past year. Currently, d1g1t is being audited on security, availability, and confidentiality for the 2023 annual SOC 2 certification (which will be available in May 2023). Security refers to the measures taken to detect and prevent unauthorized access, damage, or theft of information. Availability ensures that authorized users have access to the information they need, when they need it. Confidentiality ensures that sensitive data is protected from disclosure to unauthorized parties.
We are currently working towards including process integrity and privacy assessment in our 2024 audit.
The d1g1t security team, led by our Director of Information Security and Risk, Todd Wade, is focused on ensuring security is a central pillar of our organization and services.
In today’s digital landscape, clients expect their software providers to understand security and related concerns thoroughly. At d1g1t, our entire team is focused on building and maintaining their knowledge and expertise to foster trust and confidence in our clients.
Other Security Related Measures and Initiatives at d1g1t
Our team is invested in ongoing initiatives to support our data security strategy, including:
Disaster Preparedness and Recovery Measures
The d1g1t operations team has fully utilized the wide range of services by our IaaS provider to help ensure scalability, redundancy, and high availability. We have also implemented comprehensive disaster preparedness and recovery measures. This includes regular testing of both our IaaS infrastructure and our organizational business continuity plan. We conduct regular recovery simulations to ensure our team is prepared to respond quickly and effectively in the event of a significant interruption to our services.
We conduct annual penetration testing to identify vulnerabilities in our platform. Our security team also conducts regular internal testing to simulate real-world attacks and identify any weaknesses in our system. These activities are used to maintain and enhance our vulnerability management program.
Regular Review and Updating of Security Policies
Our team is committed to keeping up with the latest data security trends and changes. We regularly review and update our security policies to ensure they are aligned with current best practices and industry standards. This includes conducting regular risk assessments to identify any new threats or vulnerabilities that may have emerged.
Employee Training and Awareness
We believe that data security is a team effort and that everyone in our organization plays a critical role in maintaining the security of our system. To this end, we provide regular training and awareness programs to ensure that our employees understand the importance of data security and are equipped with the knowledge and tools they need to keep our system secure.
Our team is committed to improving all aspects of our data security strategy, and we recognize that this is a continuous process. This includes regularly evaluating our security measures to identify areas for improvement to maintaining best practices in data security.
d1g1t understands the importance of securing our client’s data, and we are committed to maintaining strict data security measures. We look forward to updating you on our upcoming SOC 2 type 2 compliance and certification for 2023 to further establish our commitment to secure data management. If you have questions about our software or security, please do not hesitate to contact our team.
Director, Information Security and Risk