How We Store, Process, and Secure Data
The PrimeRevenue Platform is hosted in Flexential and Amazon AWS data centers. PrimeRevenue maintains fully redundant application infrastructure hosted across multiple data centers located in the US, providing physical security 24/7. State of the art fire suppression, redundant utilities, and biometric access control ensure your data is safe.
PrimeRevenue practices defense-in-depth to protect your data at rest and between your systems and ours. We use latest encryption techniques for access, transmission and at rest of sensitive data.
PrimeRevenue is relentlessly updating systems to protect our customers’ data. We maintain a vulnerability management program in combination with configuration management, and continuous monitoring to ensure system consistency.
If we see something, we react quickly. We are always looking for potential system interruptions. Security never sleeps, real-time security monitoring is 7/24/365.
Penetration Testing and Application-Level Security
PrimeRevenue performs yearly penetration and application security testing by third party. In addition, our purple team regularly perform security tests to identify, validate, and remediate potential vulnerabilities.
Data Protection, Continuity, and Retention
PrimeRevenue maintains and tests business continuity and recovery plans annually. We backup and test our systems regularly.
SOC 1 and 2 Type 2
PrimeRevenue is SOC 1 and 2 Type 2 compliant. We undergo a SOC 1 and 2 Type 2 examination of our business and security controls against AICPA defined standards on an annual basis, with a third-party audit firm to ensure the security of our platform and its supporting infrastructure.
ISO 27001 is a globally recognized standard for the establishment and certification of an information security management system (ISMS). Our entire information security program is certified under the ISO 27001 framework. PrimeRevenue has achieved ISO27001:2013 conformity. Verify here.
PrimeRevenue is committed to ensuring ongoing compliance with the General Data Protection Regulation (GDPR). The GDPR extends the reach of the European Union’s data protection laws and established many new requirements for organizations that fall under its scope.