Cord Security Standard

Cord Information Security Program

Cord will maintain a comprehensive information security program (“Cord Security Program”) which includes administrative, technical and physical safeguards to protect the data of our customers who have purchased our services (“Customer”, “you”, “your”). Cord safeguards are maintained to appropriately protect your data based on commercially reasonable and industry standard resources available to Cord and the type of the data. The Cord Security Program is designed to:

Cord will also monitor, evaluate and modify the Cord Security Program to ensure:

Governance. Cord will maintain a governance program which includes:

Access Controls. Cord will maintain policies, procedures and logical controls designed to:

Human Resource Security. Cord will maintain security and privacy policies and procedures for Human Resource including:

Physical and Environmental Security. Cord will maintain controls that are designed to protect from unauthorized access and against environmental hazards, including:

Secure Development Lifecycle. Cord will maintain policies and procedures which will reasonably assure that development is done with commercially reasonable security practices including:

Monitoring. Cord will maintain network, system and application monitoring including servers, disks and Security events for any potential problems designed to:

Encryption. Cord will provide reasonable assurance of the protection of your data through encryption algorithms within NIST guidelines, which includes:

• Transmission encryption using AES 256 bits with TLS 1.3 or higher;

Incident Response. Cord will maintain an incident response policy with procedures to provide you with reasonable assurances that Cord can respond to any type of security event or breach, and which includes:

Contingency Planning. Cord will maintain policies and procedures for the response and or recovery of an emergency or other occurrence either natural or pandemic that could damage or affect systems, and environment of customer data. Such procedures include:

Audit and Testing. For no additional fees once annually upon your request Cord will provide you with reasonable assurances of its environments including by providing:

Disposal. Cord has policies and procedures to provide reasonable assurance to the appropriate return and/or disposal of your data including:

Endpoint Devices. Cord has policies, procedures and technical controls to protect endpoint devices including:

Malware and Patching. Throughout the term of any subscription and in accordance with standard industry practice, Cord will:

Shared Security Model. Customer acknowledges the security of the subscription services is a shared responsibility between Cord and Customer. Accordingly Customer will administer controls as recommended by commercially reasonable security frameworks (e.g., NIST, ISO, Cord’s security recommendations). Administrative security within the subscription services is the responsibility of the Customer. Technical security, as outlined in this Exhibit, is the responsibility of Cord.

Published

Apr 2nd, 2023

Chat with our team

our team

We will be in touch soon to get you started on your collaboration journey.

Cord powers collaboration in

Typeform, Riskified, and Finmark logos

Thanks!

Your message has been passed onto our team and we will be in touch soon. Watch out for our email.

What's next?

Cord Collaboration Documentation

By submitting this form, I agree to receive other communications from Cord. For more info please review our Privacy Policy.

Build your own chatbot with Cord

chatbot with Cord

We'll be in touch to get you set-up. Keep an eye on your inbox 👀

Cord powers collaboration in

Typeform, Riskified, and Finmark logos

Thanks!

Your message has been passed onto our team and we will be in touch soon. Keep an eye on your inbox 👀

What's next?

Cord Collaboration Documentation

By submitting this form, I agree to receive other communications from Cord. For more info please review our Privacy Policy.