At Cembla, we value our customers’ trust, and the security of their data is our utmost priority. We are committed to providing a secure environment for all our operations, whether it's data processing, software development, or machine learning services. This security policy outlines our guiding principles, responsibilities, and the mechanisms we use to protect information and services.
This security policy applies to all Cembla employees, contractors, partners, and any entities that interact with our systems or handle our data. This policy encompasses all systems, networks, devices, data, communication, and applications owned or managed by Cembla.
Everyone at Cembla has a part in maintaining security.
All data handled by Cembla is classified into one of the following categories: public, internal, confidential, or highly sensitive. Each category requires different handling measures, with the most stringent controls applied to the highest sensitivity data.
Physical access to our premises and data centers is strictly controlled. Only authorized personnel are allowed access. Monitoring systems and controls are in place to prevent unauthorized access and to ensure environmental conditions are optimal for our equipment.
Access to our systems is strictly managed and based on the principle of least privilege. Two-factor authentication is mandatory for all users.
Our network is protected by advanced security technologies such as intrusion detection systems (IDS), firewalls, and secure gateways. All traffic is inspected and filtered for potential threats.
We follow secure coding practices to develop our software. All our applications undergo rigorous testing and vulnerability assessments before being deployed. Regular updates and patches are applied to keep them secure.
In case of a security incident, our team is ready to identify, respond, and recover. After each incident, we conduct a thorough investigation to prevent future occurrences.
We have a robust business continuity plan (BCP) and disaster recovery plan (DRP) to ensure our operations can continue in case of a significant disruption. Regular backups of critical data are performed, and we have the capacity to quickly restore our services.
Cembla complies with all relevant regulations and standards and is currently undergoing SOC2 compliance. Regular audits are conducted to ensure compliance.
This security policy is reviewed and updated annually, or more frequently if significant changes occur in our operations or threat landscape.
For any inquiries or security concerns, please contact our security team at contact@cembla.com.
Failure to comply with this security policy can lead to disciplinary action up to and including termination of employment or contracts.
This policy is effective as of July 8, 2023.
Cembla reserves the right to modify or update this policy at any time. Changes will be posted on this page, and your continued use of our services after such changes have been posted will constitute your acceptance of the changes.