Escalon is Proudly SOC2 Type II Compliant!

In today’s world, if you’re not concerned about data security, you should be. Cyberattacks are a growing threat that every organization faces. Bad actors are always on the lookout, targeting businesses and individuals. This is exactly why it is crucial to stay one step ahead and protect your company from these risks.

At Escalon, our entire team, especially our security professionals, is fully committed to safeguarding your data. We have built a robust security infrastructure, combining the latest technology with proven internal policies and processes, to keep your sensitive information secure.

Customers seeking detailed, product-specific security insights can review our Trust Center or request a copy of the applicable SOC 2 Type II audit report via email.

Security Overview

Information Security Program

Our comprehensive information security program is communicated organization-wide and adheres to the standards outlined in SOC 2.

Confidential

All Escalon employees acknowledge and agree to Escalon’s policies regarding nondisclosure and the protection of both Escalon and third-party confidential information, including the proper use of such information.

Continuous Monitoring

We employ continuous monitoring practices to maintain the highest levels of security and compliance.

Third-Party Audits

Our organization undergoes independent third-party audits to validate and assess the effectiveness of our security controls.

Security Awarness Training

All team members participate in security awareness training, which covers industry-standard practices and key topics such as phishing prevention and password management.

Penetration Testing

We conduct annual independent third-party penetration tests to ensure the integrity of our services’ security posture.

Roles and Responsibilities

We have clearly defined and documented roles and responsibilities for our information security program, ensuring the protection of our customers’ data.

Encryption of Customer Data

Customer Data is securely encrypted both at rest and during transit.

If Escalon becomes aware of a security event involving the loss, disclosure, or alteration of Customer Data stored with Escalon ("Security Incident"), it will take immediate action to (1) inform the affected Customer; (2) investigate the incident; (3) implement reasonable measures to contain and mitigate its impact.

Escalon will notify customers of relevant Security Incidents through a method of its choice, such as email. Escalon's response to a Security Incident does not constitute an admission of fault or liability for the incident.

Customers are encouraged to report any suspected or confirmed misuse of their accounts, authentication credentials, or other security concerns related to Escalon services without delay.

Ready to talk?

Escalon enforces strict access restrictions for its personnel and subcontractors using a role-based access control framework.

This framework ensures that Escalon team members access customer data solely as needed to deliver services efficiently and effectively. Subcontractors are granted limited access exclusively for performing their contracted services and are bound by contractual obligations to uphold the confidentiality and security of customer information, prohibiting any other use of the data.
When an employee or contractor leaves Escalon, we have a formal process to promptly revoke all physical and network access to Escalon facilities and resources.
The processes and controls regulating access to customer data undergo regular validation. Escalon conducts sample audits to verify that access to data is strictly for legitimate business purposes and with proper authorization levels. Robust authentication protocols and strong controls ensure that only authorized personnel have access to customer data, with access carefully tracked, logged, and revoked when no longer required.

Ready to talk?