Security is built into everything we do.
Consensus is focused on delivering products with an infrastructure that is secure, reliable and scalable. We take great pride in maintaining our customers’ trust through transparency and constantly exceeding their expectations. Here you can find an overview of our security practices.
We implement a variety of safeguards to ensure your data is secured and our applications and infrastructure meet highest compliance requirements.
Consensus uses best of breed application security best practices, which include:
Regular static and dynamic code analysis with internal SLA for full resolution of vulnerabilities before release
Application penetration tests and ongoing internal audits
Enterprise SSO, ADFS, SAML v2 and granular access model support
Regular security training for developers focused on OWASP
Proven and well supported application frameworks
Consensus products are secure by design. Some highlights of our secure infrastructure architecture include:
Hosted on a top-tier cloud hosting solution, which has extensive controls and whose compliance with PCI, ISO27002 is regularly reviewed for alignment with our customers’ needs
Architected with multiple layers of isolation for each product application, 24/7 monitoring and alerting
Specific security zones by application
Continuous hardening and patching
State of the art intrusion prevention and detection system
Content distribution network to speed up access across global regions
Administrative Security. Take Control
To ensure configurations are defined and enforced effectively we have implemented all administrative policies and audit them regularly:
Adherence to best practices from NIST, ISO 27001/2 framework
Security Standard Configuration Policy
Two-factor authentication for all administrative access
Least privileged model across all infrastructure & application components
Strictly restricted access to customer data for specified authorized personnel based on need
Incident Response Policy including a dedicated Security Operations Center team
Annual information security training for all full-time personnel
Regular audit of system access
Want more info on our security practices? Sign up below and we'll get back to you within 48 hours.