Crossbeam employee access to our internal vendor systems is granted based on least privileges. Employees are granted privileges to any system only as needed to perform their role. Access is tracked and audited quarterly. Crossbeam’s production environment is accessed via SSH. The production SSH server is firewalled to restrict access outside of our VPN. Production database access is then accessed via username/password authentication. SSH access is protected by Duo MFA and uses key-based authentication.
Physical controls are in place to limit access to our floor and office in Philadelphia. Elevators and office doors require key cards to operate and are granted only to employees. We occupy a private locked suite in an office building.
Crossbeam Employee Policies and Procedures: All Crossbeam employees are required to follow strict procedures to ensure your data remains secure. Additionally, Crossbeam educates employees on an ongoing basis on their role in protecting your data.
Security policies, privacy policies, disaster recovery plan, incident response plan, and any other pertinent documents related to privacy and security are reviewed, at minimum, on a quarterly basis by Crossbeam’s Security and Disaster Management Committee.