Cyber Security
Security overview
Cloud hosting
SUB-ZERO data is stored on AWS cloud infrastructure, with data hosted in Canada.
Encryption
Data is encrypted in transit using SSL. User passwords are encrypted and protected through password security controls.
Access control
Different user roles and permissions allow managers to oversee their own staff, accounts, and operational access.
Data management
Backups
- Daily backups
- Weekly backups
- Monthly backups
Disaster recovery
- Recovery process for service disruption scenarios
- Cloud-based infrastructure supporting resilience
- Internal procedures for restoring critical platform access
Roles & user management
Role-based permissions help control what each user can view, manage, or update.
Managers can oversee their own staff, accounts, and assigned operational areas.
Password requirements are in place to support stronger account security.
User sessions time out every 8 hours to reduce long-running access exposure.
SSO status
SUB-ZERO does not currently support single sign-on. Access is managed through platform accounts, password controls, user roles, and permissions.
Security testing & governance
Penetration testing
Penetration testing is done to assess platform security and identify areas for improvement.
Incident response
Review, manage, respond and escelate security events.
IT department checklist
| Requirement | SUB-ZERO Standard |
|---|---|
| Cloud provider | AWS cloud infrastructure |
| Data residency | Data stored in Canada |
| Encryption in transit | Yes, SSL protection |
| Password encryption | Yes, passwords are encrypted |
| Single sign-on | No SSO at this time |
| User roles & permissions | Yes, different roles and permissions are available |
| Manager controls | Managers can oversee their own staff and accounts |
| Session timeout | Sessions time out every 8 hours |
| Password policy | Yes, password policy is in place |
| Backups | Daily, weekly, and monthly backups |
| Penetration testing | Annual penetration testing |
| Compliance | SOC Type II compliant |
| Disaster recovery | Disaster recovery plan in place |
| Vulnerability management | Vulnerability management policy in place |
| Incident response | Incident response plan in place |
| Terms | Standard terms and conditions available |
| Service level agreement | Standard SLA available |
Service availability & support
Availability target
Uptime > than 95%.
Response time
Standard inquiries receive a next business day response.
Office hours
Support is available Monday to Friday, 8:30 AM to 5:00 PM Eastern Time, excluding holidays.
Security documentation available for review.
Standard terms and conditions, service level agreement details, cybersecurity documentation, and security process information.
ELEVATE YOUR ICE