Security and Privacy at FutureOn
You’re entrusting FutureOn with your data, and we take that responsibility very seriously and it is our highest priority. See below just some of the measures we take to keep your data safe, prevent leaks and block unauthorized access:
Continuous vulnerability scans
Application security is of the highest importance at FutureOn. During our Software Development Lifecycle (SDLC) we continuously scan FieldTwin for zero-day exploits and known software vulnerabilities.
Regular third-party penetration tests
We’re committed to regular third-party penetration tests and code auditing, usually on a quarterly basis. We publish these findings with potential and existing customers.
All FieldTwin staging and production infrastructure is hosted in our Cloud Service Provider (CSP) environments. Therefore, all physical and environmental related controls which includes access to buildings are managed by our chosen CSP partners.
Our selected partners are certified to SOC1, SOC2, SOC3, ISO 27001, ISO 27017, ISO 27018 and PCI DSS.
Every employee at FutureOn from Sales to Development, including contractors undergoes in-depth cyber security awareness, GDPR awareness and privacy awareness training on their first day.
We run regular internal training sessions and all employees must keep up-to date and have attended a refresher at least once yearly.
FutureOn provides all of our clients, at no additional cost the functionality to implement Single Sign On using their preferred identity provider. We support Microsoft On-Premise AD, Azure AD, SAML 2.0 and OIDC.
We believe SSO is a core security requirement for any company, and is critical to IT and Security Teams to effectively manage user access.
We host FieldTwin data in state-of-the-art data centres, usually in Google Cloud, Microsoft Azure or Amazon Web Services. The location depends on the needs of the individual customer and applicable laws, but we are happy to deploy FieldTwin to the customers preferred location if it is available to us.
Highest industry standard encryption