Encryption of all data in transit (using TLS 1.2 or higher) and at rest (through AES-256). Canyon leverages EU-hosted AWS servers and operates in multiple zones to create robustness against downtimes.
Canyon complies with an annual penetration and vulnerability testing by the leading infosec company Bishop Fox (full details here). Tests allows Canyon to proactively identify and remediate any security vulnerabilities.
Canyon's standard operating policies include policies governing IT assets, access controls, internet access policies, antivirus policies, remote access policies, and other information security policies. We provide a copy of those policies upon request.
As part of its formal commitment to comply with the EU General Data Protection Regulation, Canyon maintains a Data Processing Addendum (signed version available on request), Records of Processing Activities and a Personal Data Breach Detection & Reporting Policy.
Canyon operates according to a strict need-to-know access basis and conducts regular checks to ensure that Canyon personnel are only granted the permissions they need to conduct their job functions. No Canyon personnel has ever access to contracts and documents.
For our Acceptable Use Policy, Business Continuity Plan, Vulnerability Disclosure Policy, Information Classification, Handling and Retention Policy, or other information security documentation, please reach out to your sales or customer success representative. Report any issues to firstname.lastname@example.org.