Security Measures
Effective Date: May 14, 2018.
Security Overview
Sena Technologies has a dedicated security team that guides the implementation of controls, processes, and procedures governing the security of Sena and its customers. The Sena security team is responsible for developing, implementing and maintaining an information security program that reflects the following principles:
- Align security activities with Sena’s strategies and support Sena’s objectives.
- Leverage security to facilitate confidentiality, integrity, and availability of data and assets.
- Utilize Sena’s security resources efficiently and effectively.
- Utilize monitoring and metrics to facilitate adequate performance of security related activities.
- Manage security utilizing a risk based approach.
- Implement measures designed to manage risks and potential impacts to an acceptable level.
- Leverage industry security frameworks where relevant and applicable.
- Leverage compliance/assurance processes as necessary.
- Analyze identified or potential threats to Sena and its customers, provide reasonable remediation recommendations, and communicate results as appropriate.
Security, Availability, and Disaster Recovery
- Sena leverages leading data center providers to house our physical infrastructure.
- Our data center providers utilize an array of security equipment, techniques and procedures designed to control, monitor, and record access to the facilities.
- We have implemented solutions designed to protect against and mitigate effects of DDoS attacks.
- We have dedicated teams located in multiple geographies to support our platform and supporting infrastructure.
- Sena maintains geographically separate data centers to facilitate infrastructure and service availability and continuity.
Application Level Security
- Sena hashes passwords for user accounts and provides SSL for customers.
- Sena utilizes Web Application Firewall (WAF) technology.
Incident Response
- In the event of an issue related to the security of the Sena platform, the Sena security team follows a formal incident response process.
- We analyze identified or potential threats to Sena and its customers, provide reasonable remediation recommendations, and communicate results as appropriate.
Sena Building and Network Access
- Physical access to Sena offices and access to the Sena internal network is restricted and monitored.
Systems Access Control
- Access to Sena systems is limited to appropriate personnel.
- Sena subscribes to the principle of least privilege (e.g., employees, system accounts, vendors, etc. are provided with the least amount of access for their job function).