San Francisco, California, 27 August 2018 – Resilinc, the leading provider of supply chain visibility data-as-a-service and advanced risk analytics platform, today announced its compliance and certification to the highest international data security and privacy measures: The American Institute of CPAs’ Service Organization Controls Type 2 report (SOC 2); the ISO/IEC 27001 standard for information security; the US-EU Privacy Shield Framework; and the EU’s Global Data Protection Regulation.
ISO 27001 and AICPA’s SOC2 require extensive audits and verification by third-party audit firms. “While many software companies rely on their enterprise-cloud vendors to achieve SOC2 and ISO 27001 certifications, we decided to validate our own data management practices end to end,” said Sumit Vakil, CTO and co-founder. “We consider the trust of our customers and platform users to be of paramount importance. The kind of data we store for our customers and their suppliers is essential intellectual property and protecting it with the most stringent security protocols is our fundamental responsibility to them.”
As a data and content provider, Resilinc enables over 70,000 companies across 135 countries to connect with their customers on the platform. “Our platform security is constantly under scrutiny by InfoSec teams across thousands of companies,” said Ranna Rose, vice president of customer success and operations. “As the global leader for risk management solutions, our internal standard is to be more paranoid than our most paranoid customer when it comes to data privacy and security.”
A key factor enabling Resilinc to achieve its ISO 27001 and SOC2 certification was its extensive and ongoing penetration testing. The firm uses the Top 10 guidelines developed by the Open Web Application Security Project (OWASP) as benchmarks for its web application security. “With every software release we issue, we use automated tools and manual testing to ensure that our software is in compliance with the OWASP Top 10,” said Vakil. “We also use Black Hat tools like Kali Linux to proactively attack our own systems with the same tools that hackers tend to use.”
While ISO 27001 and SOC2 focus on overall data security and integrity, Privacy Shield and GDPR cover protection of personal data transferred outside the European Union. “Resilinc connects enterprise users between customers and their suppliers over our platform,” explained Vakil. “Resilinc’s policy has always been that enterprise users decide what information they share about their operations, and with which customers. Protecting each individual’s privacy is essential to nurturing trust and confidence in our user community, and vital to ensuring compliance with Privacy Shield and GDPR regulations.”
Resilinc is the leading provider of supply chain visibility data-as-a-service and cognitive risk analytics solutions. Over 100 of the world’s leading brands rely on Resilinc’s AI-powered global disruption monitoring service to keep track of millions of parts as they make their way around the globe, touching hundreds of thousands of nodes. Resilinc is the only company to consistently achieve success in mapping the supply chain multiple tiers deep, all the way down to part and site levels, and exposing hidden failure points and bottlenecks deep in the sub-tiers. Resilinc’s patented advanced risk quantification algorithms and easy-to-use supplier assessment solutions have established a new standard for measuring supplier risk. Companies use Resilinc’s cognitive sourcing and risk protection learning systems to realize millions of dollars in savings on expediting raw materials or freight and to lower inventory levels while keeping their supply chain operating with greater agility and resiliency. For more information, visit https://www.resilinc.com.