CD Strength LLC d/b/a Silver Tiger Consulting
Information Security Policy
Updated: January 2020
CD Strength LLC d/b/a Silver Tiger Consulting takes the security of customer data seriously. We have and continue to be bound by professional standards of confidentiality and have always protected your right to privacy. We do not sell any of our customer's data.
We have implemented internal policies and controls to try to ensure that customer data is not lost, accidentally destroyed, misused or disclosed, and is only accessed by CD Strength LLC authorized personnel and any third party vendors as required in the course of performing our duties to our customers.
For current and former clients, we do not disclose any nonpublic personal information about you that is either provided to us by you or obtained by use with your authorization. Permitted disclosures include, for instance, providing information to our employees and in certain situations, to unrelated third parties (vendors) who need to know that information to assist us in providing services to you. Written agreements are in place for all such relationships.
Where CD Strength LLC d/b/a Silver Tiger Consulting engages third parties to process customer data on its behalf, we do so on the basis of written instructions, are under a duty of confidentiality and are required to implement appropriate technical and administrative measures to ensure the data is secure.
We will maintain data security by protecting the confidentiality, integrity and availability of the customer data as follows:
Confidentiality means that only people who are authorized to use the data can access it.
Integrity means that data should be accurate and suitable for the purpose for which it is processed.
Availability means that authorized users should be able to access and use the data if they need it for authorized purposes in a timely and reliable manner. Customer data should therefore be stored in approved data stores and made available to authorized users only.
How is data security managed
Our security is managed on multiple levels, including Physical, Network, and User Account Security. We maintain internal security policies and standards in support of its ongoing operations. Access to resources is granted only to those who reasonably require access, based on their responsibilities. Security processes include:
Physical access to any paper based client files is restricted to specific individuals and uses multiple levels of security, including badge access and physical lock access. We make it a policy to never store sensitive information in paper format. We do not host our own applications, nor have our own data center, however, our data is stored in managed data center environments that have the following certifications:
Compliance Certifications (with links directly to our vendor's policies):
ISO/ IEC 27001
SOC 1 (SSAE 18)
PCI DSS Level 1
FedRAMP JAB P-ATO
NIST 800-171 (“DFARS”)
Global Regulations and Privacy:
Swiss-US Safe Harbor
Content Delivery & Security Association (CDSA)
Tech UK Member
Access to services we use is via standard HTTP and HTTPS connections.
All of your account, credit card, and subscriber information and content is encrypted via industry-standard Secure Sockets Layer (SSL) connections over HTTPS.
Administrative access to CD Strength LLC's infrastructure is limited strictly to authorized users with multi factor authentication. Individual usernames and passwords are required for all data access.
Our 3rd party software servicing providers have a documented Cybersecurity Incident Response Plan, a 24x7 Command Monitoring Center, a Cybersecurity Incident Commander and industry leading incident response teams at their disposal.
Our systems are routinely updated per vendor recommendations and industry standards.
We use up to date virus scanning software for detecting currently known malware.
Malware definitions are updated daily and installed as required.
Please contact us at firstname.lastname@example.org and we’ll get back to you as soon as we can.