Reports on controls at a service organization relevant to Security, Availability, Processing Integrity, Confidentiality and Privacy.
SolarWinds Service Desk is ISO 27001 certified for internationally recognized information security management system (ISMS) best practices and required data security processes.
Skyhigh Enterprise-Ready cloud services fully satisfy the most stringent requirements for data protection, identity verification, service security, business practices, and legal protection.
Your trust means everything to us.
SolarWinds Service Desk servers are hosted with Amazon Web Services (AWS) in the USA, the European Union, and Australia, a secured, durable technology platform with industry-recognized certifications and audits including PCI DSS Level 1, ISO 27001, FISMA Moderate, FedRAMP, HIPAA, and SOC 1 (formerly referred to as SAS 70 and/or SSAE 16) and SOC 2 audit reports. The data center is protected by highly-trained security guards 24/7 and physical access to the SolarWinds Service Desk servers is restricted to authorized personnel only. Our network is protected by an extensive network and security monitoring systems. For more information on our data security, please see the FAQ page.
All information sent to and from SolarWinds Service Desk is encrypted with 2048-bit SSL encryption, the same security used by banks and e-commerce sites to protect their services. This means that all communication between your computers and our servers is encrypted and that your session is protected. You can verify this by checking the lock icon in your browser. All data is encrypted in transfer and all access to our service is governed by strict password security policies. In addition, all passwords are stored in SHA2 hash format, which means they can not be reversed to the original password and are not readable. Furthermore, all data is also encrypted at rest using the industry-standard AES-256 algorithm; this also includes any and all attachments included. For more information on our data security, please see the FAQ page.
Configured versioning saves multiple versions of all changes made to your files. This guarantees that data is always retained and easily restored. Additionally, we have a copy of all data at all times, and store a clone of static data on our servers. You will have access to all of this data, even if you decide to leave us. For more information on our data security, please see the FAQ page.
We’re in it for the long haul: when you’re using SolarWinds Service Desk our door is always open and we are always here to provide support, hear your feedback and constantly upgrade your service with new features and tools. If you run into problems, we’re here to solve them ASAP. If you have any needs or questions, we’re here to listen and address them.
We have designed a full disaster recovery program to allow us to operate the SolarWinds Service Desk service without losing any of our customers’ data. Built using Amazon EC2 and S3 infrastructure services as our secondary data center, our backups are transmitted to the Amazon data center every night so we can operate the SolarWinds Service Desk service using the Amazon infrastructure if needed.
We understand how important it is that the SolarWinds Service Desk IT Asset Management agents that you deploy to your computers are safe and secure. The Service Desk agent operates like any other software that runs in your network and connects to a server through the Internet (such as your anti-virus protection or even Adobe Acrobat Reader). The agent connects only to the Service Desk server, and no communication is initiated with other destinations. In addition, the agent does not receive requests from any device or server, internal or external to your network – it only initiates requests. Furthermore all data transport is encrypted. This approach ensures that no other service can exploit the agent.
In 2014, SolarWinds Service Desk announced its ability to support the HIPAA and HITECH regulations, as well as the ability to sign HIPAA Business Associate Agreements (BAAs) with customers. SolarWinds Service Desk is one of the few cloud-based application providers that signs HIPAA Business Associate Agreements (BAAs), demonstrating our ongoing investment in enterprise security, compliance and control for our customers. Read the SolarWinds Service Desk HIPAA Statement. For additional HIPAA compliance process information, click here.
Effective May 25, 2018, the General Data Protection Regulations (GDPR) apply to any organization that processes or handles data for citizens residing in the European Union. Unlike many cloud-based SaaS companies that rely on third-parties like AWS to ensure data security compliance, we pride ourselves on our extensive security certifications and accreditations. While the GDPR is only legally binding for data pertaining to EU citizens, we feel strongly that no matter where a person resides, their data privacy should be protected. Rest assured that your organization’s employee data is safe with us since we are GDPR compliant. For more information about GDPR and Data Security in ITSM, please read this OrangeMatter blog post.