Security Commitment

Qube Technologies
Security Commitment

Qube maintains a formalized information security policy to comply with various regulatory and business requirements. This security policy protects all sensitive and confidential data stored, accessed, or transmitted by our software platform, including its applications, components, infrastructure, and underlying code.

Qube maintains strict control access to restrict private information to privileged users. These users are required to abide by their assigned responsibilities related to their elevated access.

Qube retains sensitive and confidential data only for as long as necessary to fulfill its purposes unless otherwise required by law or to meet legal and client contractual obligations.

Qube segments its network to prevent direct or unauthorized connections between an external network and its information systems, in particular confidential data in cloud environments.

Qube maintains a vulnerability management program to ensure the confidentiality, integrity, and availability (CIA) of the organization’s information systems landscape, which includes all critical system resources. The program includes internal and external scans, penetration testing, and issue remediation for the purposes of identifying, detecting, classifying, prioritizing, remediating, validating, and continuously monitoring vulnerabilities.

Qube conducts independent third-party penetration tests at least annually on any systems with Confidential data or with a critical risk rating to identify security vulnerabilities.