Security of clients’ data and system operation is the number one priority for Chemwatch. Our security system is robust and has the full ongoing support of the executive management, with our security budget increasing by more than 3 times in the past year alone. The Chemwatch security system can be read about in more detail below.
Security Commitments
Our commitments to information security are widespread and include, but are not limited to, the following:
System Security
- System features and configuration settings fully fitted to authorize user access while restricting unauthorized users from accessing information unnecessarily
- Use of intrusion detection systems identifies and prevents potential security attacks
- Production environment is regularly subject to vulnerability scans and penetration testing
- Operational procedures for managing security incidents and breaches, including notification procedures
System Availability
- Monitoring mechanisms help ensure system performance and availability, and the consistent delivery of the system and its components
- Business continuity and disaster recovery plans that include detailed instructions, recovery point objectives (RPOs), recovery time objectives (RTOs), roles, and responsibilities
- Operational procedures supporting the achievement of availability commitments to user entities
- Responding to customer requests in a reasonably timely manner
Data Protection Measures
- Robust encryption technologies to protect customer data both at rest and in transit
- Comprehensive data retention and disposal policies
Confidentiality
- Ongoing confidentiality and non-disclosure agreements with employees, contractors, and third parties
- Confidential information is only ever used for the purposes explicitly stated in agreements between Chemwatch and user entities
Security Certifications and Standards
Chemwatch has established and actively supports several frameworks and standards, to ensure the confidentiality, privacy, integrity, and availability of data and systems. These frameworks are a core part of our day-to-day operation, and include ISO 27001:2013 and ISO 9001 certification, compliance to GDPR and the Australian Privacy Act, with SOC 2 Type 2 accreditation in the making (target date of Q3 2023).
Security Controls
Chemwatch security controls are designed to protect clients' data and privacy while using the systems. Our controls are based on major risks as defined by OWASP and NIST list, with each control designed to address specific security risks and threats.
Third-Party Security
We work with vendors to ensure their standards are able to provide the same levels of assurance as our own security system. All vendors are assessed and monitored for their security practices to mitigate the risk of security vulnerabilities.
Incident Management
Should a security incident occur, we have a tested system in place to address issues in a timely fashion, and work together with the client on minimizing risks.
To this day, we have not had a single security incident to report.The Chemwatch security system is one of the most advanced in the business. If you have questions or concerns or need more information on this topic, please do not hesitate to contact us via our inquiry form below or by emailing
**@ch*******.net
.