Introduction

Security Policy

At Help Desk Migration, we deeply understand the value of your data. Ensuring its protection throughout the entire migration cycle is our top priority. Our approach is designed to safeguard your data, maintain its integrity, and ensure compliance with global security standards.

Try for free
Seamless migration, uncompromised security: Discover Help Desk Migration’s approach

We’ve earned the trust of companies across industries

Arkansas tech university Cosmos 4FRNT Brasnthings TRG Screen Petplan Thule Roland Stately

Principles and Commitments

Data Ownership

Your data is exclusively yours. It is never sold or used beyond what is outlined in our agreement.

Access Control

We restrict data access to what is necessary for migration, as set by you during migration setup.

Data Retention

Data retention on our premises is strictly for the migration period and is controlled directly by you.

Support Excellence

Our dedicated support team is always available, ensuring seamless and effective data migration.

AICPA

SOC 2 Compliance

We are obtaining SOC 2 compliance, focusing on security, confidentiality, availability, and integrity principles.
Request Letter of Assurance

AWS

AWS Infrastructure

Deployed on AWS, adhering to various security standards (e.g., ISO 27001, ISO 27017, ISO 27018, ISO 27701, SOC 2, CSA, PCI DSS, and others.)

Subservice Organizations Verification

Subservice Organizations Verification

Regular compliance checks against our stringent security requirements.

Gdpr

Data Processing Agreements

Compliant with relevant EU and US regulations, ready to sign DPAs per customer instructions.

PCI DSS

Payment Security

We use PayPro Global for payments, a certified PCI Level 1 Service Provider.

Hippa

HIPAA Compliance

Ready to sign a BAA for full HIPAA compliance.

Service Level Agreement (SLA)

Service Level Agreement (SLA)

We guarantee high reliability and performance standards, with detailed uptime commitments and responsive support protocols.

Technical Security Measures

Secure Migration Platform

AWS Infrastructure

Our infrastructure leverages distinct AWS accounts for production and staging, providing clear environmental segregation. This setup is continuously monitored using AWS CloudWatch and safeguarded by AWS GuardDuty, ensuring vigilant security monitoring and threat detection.

Cloudflare WAF Deployment

We employ Cloudflare's Web Application Firewall (WAF) to protect our web-facing services. This robust layer of security filters and blocks potentially harmful web traffic, offering DDoS mitigation and rate limiting to enhance our online security posture.

End-to-End Encryption

Our commitment to data security includes comprehensive encryption of databases, storage solutions, and transmission channels. This practice ensures the confidentiality and integrity of your data throughout the migration process.

Secure HTTPS Protocols

We mandate using HTTPS connections for all migrations, ensuring secure and encrypted communication channels.

Technical Security Measures
Distinct storage
Technical Security Measures

Secure Access to the Platform and Data

OAuth 2.0 Authentication

To provide secure and limited access during migrations, we employ OAuth 2.0 authentication protocols, allowing precise control over access scopes.

Data Segregation Strategies

Each migration is assigned a unique identifier, storing customer data in dedicated, segregated environments. This ensures the isolation and security of your data.

Advanced Encryption Protocols

We use the latest encryption methods to protect customer data. All encryption keys are securely managed within AWS KMS, providing an additional layer of security.

Controlled Employee Access

Our employees' access to customer data is governed by strict protocols, ensuring that interaction with your data is necessary and authorized.

Technical Security Measures

Monitoring the Migration Process and Support

Interactive User Dashboard

Data migration service interface includes a comprehensive dashboard, offering real-time tracking and detailed status reports on data transfer.

Integration with BugSnag

We use BugSnag for proactive issue detection and management, ensuring that any operational anomalies are quickly identified and resolved.

Dedicated Customer Support

Our customer support team is readily accessible through multiple channels, with response times governed by Service Level Agreements tailored to customer subscription plans.

Service Status Transparency

A regularly updated status page informs you about service availability and performance issues.

Monitoring the Migration Process and Support
Data destruction certificate
Technical Security Measures

Full Control Over Data Post-Migration

Data Deletion Protocols

Post-migration, customers can delete their data manually. Additionally, we have an automatic data deletion process, termed "archivation", for migrations that have been inactive for 30 days. This process includes removing all data from our storage, barring a single database that retains only essential statistical information.

Data Deletion Certificate

Upholding our commitment to transparency, we provide customers with a detailed certification upon request for data deletion. This certificate offers crucial information such as the specific storage location of the data, backup status, retention duration, and an exhaustive description of the destruction process.

Help Desk Migration passed with flying colors, securing the highest 'A' grade after undergoing penetration testing. Count on us for not just secure, but impeccably safeguarded data migration

Organizational Protection Measures

Risk Assessment and Vendor Management

Annual Risk Assessments

We conduct comprehensive annual risk assessments and penetration testing. This proactive approach helps us identify and address potential security vulnerabilities in our IT systems and supported business processes.

Vendor Management

Our vendor management process involves rigorous due diligence and establishing vital data protection requirements within our contracts. This ensures that all our vendors align with our high-security standards.

Personnel Security

Employee Training and NDAs

Data migration service’s employees undergo extensive security awareness training upon onboarding and annually after that. Additionally, they review and acknowledge our Acceptable Use Policy annually. Employees and contractors must sign non-disclosure agreements, ensuring confidentiality and compliance even after termination.

MDM Solutions

We implement a robust Mobile Device Management (MDM) solution to manage the security of corporate laptops. This includes enforcing encryption, ensuring timely software updates, setting OS password policies, and maintaining active firewalls.

Access Management

Authorization Protocols

We ensure thorough authorization of access to IT systems and networks before granting access.

Password Policies

Implementing complex passwords and multi-factor authentication across corporate IT systems and laptops.

Personalized Accounts

Our employees are provided with individual user accounts, ensuring traceability and accountability in production systems.

Annual Access Reviews

We conduct annual reviews of access to our IT environment, maintaining strict control over who has access to what data.

Disaster Recovery and Business Continuity

Disaster Preparedness

We regularly test our disaster recovery and business continuity plans to guarantee operational resilience. This ensures that our system infrastructure components can be swiftly restored during a disaster and that our company's key components remain available.

Secure Development

Commitment to Security

The data migration team is dedicated to implementing secure software development practices, ensuring the integrity and security of our software products.

Emergency Change Control

An established emergency change control process addresses urgent changes for incidents or critical business needs.

Automated Security Checks

All pull requests undergo automatic checks, including Static Application Security Testing (SAST) and Software Composition Analysis (SCA) scans, for both application and infrastructure co/de.

Docker Image Scanning

Continuous vulnerability scanning in Docker image repositories, with scans triggered upon new image pushes.

Streamline your help desk migration with a secure, automated service

%s
— %s