Patrick Hood | IT Security Manager
In a world where so much of your life is public, it’s important for certain things to remain anonymous.
That’s why any company that touches your personal data must take it seriously. Organizations are only as strong as the controls they put in place, which is why training is paramount to the way any brand controls risk.
Security is central at Thankful- from the sales team to engineering, it’s at the center of everything we do.
Our security team is committed to educating and preparing every Thankful team member for a world where they will encounter malicious cyber threats. We prioritize security training over product training on day 1 and training continues throughout their lifetime at Thankful.
We like to think of ourselves as a role model in the start-up industry when it comes to security. Read on to learn what we do to protect our e-commerce and retail clients and employees at Thankful.
Security threats do not stop at our employees. Thankful’s responsibility to protect our clients is priority #1 and we make a multitude of different efforts to protect personally identifiable information (PII).
Short data retention periods ensure that we delete data early and often. We anonymize data anywhere possible, and encrypt it both in transit and at rest, using a set of cryptographic algorithms.
Thankful integrates a variety of account controls to give you and your team the ability to sleep comfortably at night. Time-based one-time passwords and multi-factor authentication is included in every Thankful account, regardless of the pricing tier. We also provide team management tools that enable you to enforce their password security and 2FA and add/remove team members as needed. We know your customers are valuable to your business, and we treat their privacy with the utmost respect.
We have you covered! You will find security-focused audit logs for important changes to your account which detect possible data exfiltration in the dashboard. We know you cannot do your part if we do not do ours, so we focus on high availability and regularly exceed 99.99% uptime within our Google Cloud tier 4 data centers.
Check out our availability over the years by reviewing our historical status: https://status.thankful.ai.
The world is more reliant on digital systems than ever before and more of our personal data is stored every day. That data has a price and a buyer, so motivations are high to steal, scrape, and capture anything that is not secured.
In fact, IBM’s security team reports that the global average total cost of a single data breach is over $4 million dollars. This has clearly become so temptingly lucrative that entire organizations exist to violate personal and professional systems. Highly organized, nefarious companies exist and are actively attacking and exploring new ways and methods to breach systems.
With 3 billion phishing emails sent a day, you can never let down your guard and never stop improving your security posture.
Thankful has robust security controls in place and is proudly accredited by an industry-leading security auditing organization. We are certified SOC 2 Type 2 compliant making us one of the most trusted SaaS partners in the customer support industry. SOC 2 was developed by the American Institute of CPAs, and it defines the criteria for managing customer data. There are two types of SOC 2:
Type I describes a vendor’s systems and whether their design is suitable to meet relevant trust principles at this moment in time. Type II details the operational effectiveness of those systems over a period of time, usually 6-12 months. The SOC 2 certification does not stop after completion, and Thankful re-certifies its status annually.
It has never been more important to work with partners that take security as seriously as you and Thankful is proud to be a leader in cyber security for e-commerce and retail brands!
My next piece will be about cyber security and ChatGPT, stay tuned.
Topics: Blog, Customer Service, Security
Patrick Hood | IT Security Manager
Share this article
Recent
