Security

We welcome responsible vulnerability disclosure. To report a finding, contact our security team at security@integsec.com.

As a leading provider of penetration testing and cybersecurity staffing solutions, IntegSec is committed to delivering highly secure, reliable, and cutting-edge services for our clients. Our cloud-first approach leverages the power of Microsoft Azure (Azure), Amazon Web Services (AWS), and Google Cloud Platform (GCP) for everything that we do, including virtual desktops, compute, storage, and deployment. These platforms are compliant with a wide array of industry-accepted security standards and are hosted on infrastructure in regions of your choosing worldwide. For detailed compliance standards, refer to:

Our team brings a security-first mindset to everything we do, ensuring robust protection for our systems, data, and client information. We implement strict security controls across our people, processes, and technologies, and we undergo regular assessments, including penetration testing, to maintain the highest levels of security. 

Where Is My Data Stored?

For delivering business services, IntegSec utilizes Azure, AWS, and GCP cloud services, sharing in their robust standards and accreditations.

All virtualized servers and resources are provisioned in specific cloud regions, ensuring compliance with local data sovereignty requirements.

Microsoft Azure Compliance Details

Microsoft Azure adheres to over 100 compliance certifications, addressing global, regional, and industry-specific requirements (Microsoft Azure Compliance). Key certifications include:

  • ISO 27001, 27017, 27018: Information security, cloud security, and privacy standards.
  • SOC 1, 2, 3: Service organization controls for financial reporting, security, and availability.
  • FedRAMP: U.S. federal government cloud security standards.
  • HITRUST: Healthcare-focused security framework.
  • PCI DSS: Payment card industry data security standard.

Amazon Web Services (AWS) Compliance Details

AWS supports 143 security standards and compliance certifications, ensuring robust alignment with global and industry requirements (AWS Compliance). Key certifications include:

  • PCI DSS: Security standards for payment card data.
  • HIPAA/HITECH: Compliance for healthcare data protection.
  • FedRAMP: U.S. government cloud security authorization.
  • FIPS 140-3: Cryptographic module validation.
  • NIST 800-171: Standards for protecting controlled unclassified information.
  • ISO 27001, 27017, 27018: Global standards for information and cloud security.
  • SOC 1, 2, 3: Controls for financial, security, and availability auditing.

Google Cloud Platform (GCP) Compliance Details

Google Cloud complies with a broad range of certifications and frameworks, focusing on global and industry-specific standards (Google Cloud Compliance). Key offerings include:

  • ISO 27001, 27017, 27018: Standards for information security, cloud security, and privacy.
  • SOC 1, 2, 3: Auditing standards for financial reporting, security, and availability.
  • PCI DSS: Compliance for payment card data security.
  • HIPAA: Standards for healthcare data protection.
  • FedRAMP: U.S. government cloud security compliance.

Who Has Access to My Data?

IntegSec does not share client data with third parties.

Access to client data for support or service delivery purposes is restricted to a small number of closely managed IntegSec personnel, all of whom undergo rigorous background checks and training and adhere to strict confidentiality agreements as part of our cybersecurity staffing practices.

Access to systems and data follows the principle of Least Privilege, ensuring that only authorized individuals can interact with specific resources as needed for penetration testing, code reviews, vulnerability assessments, or other services, and only for as long as needed to reach business objectives.