Security
Security at Visier is fostered through a strong culture of awareness, ongoing training, robust processes and technologies, and leading industry standards.
Overview
Security is embedded into our everyday responsibilities and regularly championed by our Executive Leadership team. Through regular training and security awareness initiatives, we are proud to have fostered a culture where employees feel a shared responsibility towards maintaining and enhancing security at Visier.
We design our processes and technologies to be robust and aligned with industry best practices (including information assurance frameworks) at an organizational, platform, and operational level to adequately protect your data.
Organizational Security
At Visier, security is every employee’s responsibility. Considering our people are essential to the delivery of secure solutions, we instill the importance of security right from our new hire onboarding experience and reinforce this principle through regular training and awareness programs.
With empowerment and support from Visier’s Executive Leadership team, we have built a comprehensive Security Program that promotes the importance of security and the protection of customer data throughout the organization. Visier invests considerable resources to ensure that only qualified professionals make up the teams that manage and oversee our infrastructure.
Platform Security
Data Security
Application Security
Infrastructure Security
Operational Security
Physical Security
Vulnerability Management
Secure Data Centers and Service Availability
Business Continuity and Disaster Recovery
Our integrated approach for ensuring the resiliency/recovery of our services and operations is guided by the Visier Business Continuity Policy. Several teams across Visier work together to maintain business continuity plans and processes to ensure the organization is capable of operating critical functions during a major disruption or disaster (e.g. natural calamities, pandemic outbreak). The Executive Management team has defined a comprehensive business continuity strategy covering:
Disaster Recovery
Business Continuity
Visier’s Disaster Recovery Plan (DRP) addresses the recovery/resilience of information assets (e.g. customer data, networks, servers, and other resources within the data centers) to ensure customers are able to access our solutions in the event of a disaster. The DRP is regularly tested to ensure that services can be recovered within the stipulated timelines. The DRP is reviewed at least annually by Visier management and our external auditor (as part of the annual SOC 2 Type II audits) and updated based upon lessons learnt.
Visier’s Business Continuity Plan (BCP) addresses risks across several areas (including human, business, and technology) to ensure we are able to continue business operations in the event of a disaster. To ensure the plan addresses different teams and requirements, our business continuity planning process involves the whole organization. Amongst other areas, the plan covers the following:
Secondary and alternative measures are considered and implemented when primary resources or functions are impacted as a result of a disaster.
Pandemic Planning, and the maintenance of holistic health and safety plansto ensure the well-being of Visier employees, customers, and stakeholders.
Ensuring employees are well-equipped with secure technologies to work remotely for prolonged periods during times Visier’s offices are unavailable for any reason.
Performing regular testing and other validation procedures to ensure we are still able to meet security and availability commitments to customers.
Identifying and training resources (e.g. table-top exercises, other simulated activities) to ensure critical resources can be recovered within the stipulated timelines.