Resgrid Trust & Security

Your security is very important to us! Here is a summary of what we do every day to guarantee that your data is safe with Resgrid

 

Secure Hardware
Secure Hardware

Resgrid operates on a multi-cloud infrastructure and uses ISO 27001 certified data center facilities and relies on the data center providers for physical access control matters.

 

Encryption
Encryption

Communications between the client and our sites or APIs are using 256-bit TLS encryption. All data at rest is encrypted with AES-256.

 

Reliability
Reliability

Resgrid is built using a modern technology stack that embraces business continuity in multiple layers. Current system availability is more than 99.9% and current availability is on our System Status page.

 

Roles & Permissions
Roles & Permissions

Resgrid uses role-based security architecture and requires users of the system to be identified and authenticated prior to the use of any system resources. Each Department can setup their own roles and permissions for their users. If you have a specific need for a role or permission please contact us and we'll add it.

 

Audit Logs
Audit Logs

Resgrid maintains system level (visible by us) and application level (visible by you) audit logs. These logs are used to track system and user activity and are available within the application. If there is a specific audit log you need at the application level please contact us and we'll add it.

 

Change management
Change management

Our change management process is documented and regularly audited. We track individual changes all the way to production. We have several stages of code review and quality assurance before changes are implemented in production.

Certifications

Resgrid is always working toward certifications to help our customers meet their compliance needs. We are currently working on the following certifications:

 

SOC2
SOC2

Resgrid is currently working toward our SOC2 Type I and Type II certifications. You can view our TrustShare profile for more info.

 

HIPAA
HIPAA

Resgrid is currently working toward our HIPAA certifications. You can view our TrustShare profile for our current progress and more info.

 

CSA STAR
CSA STAR

Resgrid is working on fully participating in the CSA Security Trust Assurance and Risk (STAR) Program.

Resgrid uses TrustCloud to help us manage our certifications and compliance. You can view our TrustCloud profile for more information and check out TrustCloud.ai if your looking for a GRC solution. Once we achieve our certifications we will post them here and update the images above to be the "certified" badges.

Security Through Community

Resgrid is open source software that anyone can download and run, audit and contribute to. Resgrid being open source means there are more eyes looking at our code to spot vulnerabilities. We also have a public security disclosures page.

 

View Our Code
View Our Code

All of Resgrid code is Apache 2.0 licensed open source and available on GitHub. You can view our code, audit it and even contribute to it.

 

Security Disclosures
Security Disclosures

Learn about how to report vulnerabilities, privacy issues, exposed data, or any other security issues pertaining to the Resgrid platform or code.

 

Hall Of Fame
Hall Of Fame

See who's made the Resgrid Responsible Disclosure Hall of Fame for independently researching and reporting vulnerabilities to us.

 

Subprocessors
Subprocessors

Resgrid uses a number of subprocessors to provide our services. Learn more about who they are and what they do for us.