The EmReach security framework is based on the ISO 27001 Information Security Standard and includes programs covering: Policies and Procedures, Asset Management, Access Management, Cryptography, Physical Security, Operations Security, People Security, Product Security, Cloud and Network Infrastructure Security, Security Compliance, Third-Party Security, Vulnerability Management, as well as Security Monitoring and Incident Response. Security is represented at the highest levels of the company, with our executive management meeting regularly to discuss issues and coordinate company-wide security initiatives.
EmReach is ISO/IEC 27001 certified. ISO 27001 is an international standard for the implementation of an enterprise-wide information security management system (ISMS), an organized approach to maintaining confidentiality, integrity, and availability in an organization. Certification to ISO/IEC 27001 demonstrates that EmReach has defined and put in place best-practice information security processes to protect the information of our clients and partners.
SOC 2 Type II
System and Organization Control (SOC) offers the best way to demonstrate effective information technology controls. The SOC 2 Type II report covers controls relevant to the trust services principles (TSP): security, availability, processing integrity, confidentiality, and privacy. EmReach invites independent auditors at regular intervals for SOC 2 Type II audits to gain confidence and trust in systems and security controls that are put in to safeguard the sensitive data of our customers.
EmReach is GDPR compliant. We are also committed to ongoing GDPR compliance. EmReach is committed to protecting customer data and privacy, and we take our obligations regarding data compliance seriously and transparently. Over the years, we have demonstrated our commitment to data privacy and protection by meeting industry standards. We recognize that the GDPR helps us maintain the highest standards of operations in protecting customer data.
Hosting & Infrastructure
Data centers, where EmReach Systems are hosted, are in top-tier colocation facilities. The entire facility is designed for maximum uptime. Each data center facility is designed to operate 24 hours a day, seven days a week, and employs a variety of safeguards to protect operations from power outages, physical intrusion, and network outages. These data centers comply with industry standards (such as ISO 27001, SOC 1, and SOC 2) for physical security and availability.
High Availability & Redundancy
EmReach provides a high-performance, scalable, and reliable critical event management and mass notification software as a service solution. EmReach implements data redundancy to minimize disruptions to the availability of customer data. Data redundancy is achieved through the fragmentation of data into extents that are copied onto multiple nodes within a region. This approach minimizes the impact of isolated storage node failures and loss of data. Critical components that support the delivery of customer services have been designed to maintain high availability through redundancy and automatic failover to another instance with minimal disruption to customer services.