Falcon takes the security of your and our data very serious. We continuously maintain the following information security compliance initiatives:
- Risk Management program
- ISO/IEC 27005:2018.ISO/IEC 27005:2018 provides guidelines for information security risk management. It supports the general concepts specified in ISO/IEC 27001 and is designed to assist the satisfactory implementation of information security based on a risk management approach.
- ISO 27001 compliance
- Falcon’s commitment to ISO compliance is an important step in streamlining our approach to secure data processing and continuing to meet your requirements for information security.
- ISO/IEC 27001:2017
- ISO 27001: The foundation of our ISMS. ISO 27001 specifies the requirements for establishing, implementing, maintaining, and continually improving an information security management system within the context of our organization.
- ISO/IEC 27005:2018
- ISO/IEC 27005:2018 provides guidelines for information security risk management. It supports the general concepts specified in ISO/IEC 27001 and is designed to assist the satisfactory implementation of information security based on a risk management approach.
- ISO/IEC 27018:2019
- ISO 27018 adds a set of controls for protection of Personally Identifiable Information (PII) in the cloud to the ISO 27001 framework. This is in accordance with the privacy principles stated in ISO/IEC 29100 for the public cloud computing environment.
- Security Board
- We have an active Security Board headed by C-level members, which uses risk management (ISO/IEC 27005:2018) to support our information security strategy. This ensures that we are proactive in identifying and dealing with threats and vulnerabilities.
- Information Security Policy
- We outline our commitment to protecting information assets, systems, and people in our Information Security Policy, along with our intellectual capital, customer, and partner relationships, company brand, and share value. The policy codifies the principles we work by every day to keep your data secure. All employees must read Falcon’s Information Security Policy as part of their onboarding.
- Security Awareness
- A continuous focus on security awareness training ensures that information security and the protection of your data is always at the forefront of all employees’ minds. Awareness training is a central part of all employees’ onboarding process.
- Cyber Essentials
Falcon.io is Cyber Essentials certified. Cyber Essentials is a UK certification of 40 technical measures/controls against the most common cyber threats. Cyber Essentials demonstrates Falcon’s commitment to cyber security and data protection.
Our Internal IT team as well as our specialized SRE team ensures technical measures/controls are implemented on all of Falcon’s devices. With this certification, all our departments are working in compliance and adherence to Cyber Essentials. We are committed to maintaining the certification and level of compliance with Cyber Essentials on an annual basis.
You can find out more about the certification at the National Cyber Security Centre website.
Next to our general information security compliance initiatives, Falcon also adheres to extensive privacy compliance initiatives. Find out more about privacy compliance here.