We’re committed to defending your data
The landscape of digital threats is evolving every day. So we urge Mitratech clients to take full advantage of the heavily secured environment and multilayered threat protection and security measures we deploy to safeguard your data.
We’re committed to helping our clients be more secure when accessing our Cloud service offerings, and provide the following security features to deliver added layers of end-user validation and authentication.
Single Sign-On and Multi-Factor Authentication
- Single Sign-On allows for your company to implement your authentication best practices, such as password complexity and login attempt limits.
- Multi-Factor Authentication requires all login attempts to have both authentication credentials and additional authentication factors.
- We’ve partnered with the industry leading cryptography provider for our FIPS 140-2 compliant encryption at-rest solution, protecting client data within Mitratech’s cloud environment.
- Working together, we’ve developed a unique security solution for key management, where only client designates – not even Mitratech – have access to export or modify these keys.
Security Awareness Training
- We’ve instituted intensive security awareness training for all Mitratech employees, which includes more advanced training on security depending on the level of access to sensitive client information. All employees are required to pass a security training exam to continue with their jobs.
- Mitratech highly recommends phishing education for all Mitratech Cloud client users. Phishing attacks incidents happen due to a user clicking on fraudulent links or opening attachments to suspicious emails.
Session Timeout Thresholds
- One of the most common vulnerabilities involves session management. They key to effective session management is to find the shortest timeout that will still allow for productivity. Mitratech currently suggests a 15-30 minute timeout period.
- Avoiding persistent logins and enforcing reasonably short session timeouts help to secure key business data and prevent unattended sessions from attracting wrongdoers.
Report a Security Concern
- For security-related questions, information, or reporting, contact security by emailing firstname.lastname@example.org