Cherre follows best practice security measures to ensure that we meet and exceed industry standards.
Cherre is proud to have completed the SOC2 Type I examination. The external examination covered the trust service categories of Security and Confidentiality, further confirming that Cherre data, customer data, systems, and information are protected.
The structure, modeling and integrity of all data is a vital part of the Cherre relationship with both data partners and clients.
As such, Cherre has built an isolated data system throughout our technology pipeline, ensuring no ability for cross contamination of data in any way. Additionally, all data within the system remains fully auditable.
Cherre uses role-based security architecture and confidentiality best practices to protect against unauthorized disclosure of information. We ensure that private information remains private and that it can only be viewed or accessed by individuals who need that information in order to complete their job duties.
Cherre provides protection from unauthorized modifications (e.g., add, delete, or change) of data. Our system is provides the highest level of data integrity and we ensure that your data can be trusted to be accurate and that it has not been inappropriately modified.
Cherre ensures that all data is encrypted both at rest and in transit; guaranteeing that all client information is kept secure at all times. Cherre restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal.
Cherre maintains a set of comprehensive security policies that are kept up-to-date as part of the Information Security program.
Our security framework is based on ISO 27001 and NIST 800-53 Information Security Standards and includes policies covering data classification, access management, cryptography, change management, secure server configuration, physical security, business continuity, vendor assurance, vulnerability management, security monitoring, and incident response.
These policies are made available to all employees and regular training on security principles is executed as part of best practice (inclusive of education on emerging threats such as phishing campaigns and access control management).
Our infrastructure serves as a safe platform for Cherre applications, and our cloud security practices adhere to the Center for Internet Security (CIS). Our cloud security program is driven by four principles:
All cloud assets in Cherre’s infrastructure are inventoried. Assets must have a defined owner, security classification, and purpose. We also leverage resource tagging to ensure the highest level of fidelity.
Direct access to production resources is restricted and role-based access control is enforced through Cherre Single Sign-On (SSO). On top of that, strong multi-factor authentication, encryption protocols, and session auditing are enforced for these connections.
The Cherre Cloud assets are continuously monitored for adherence to security best practices. We leverage automation to identify any deviation from our technical standards and raise issues within minutes of the configuration change.
Cherre’s production environment employs defensive security controls at all layers of its infrastructure including network segregation, identity and access management, audit trails, and security event monitoring throughout our GCP environment.