DataScan Trust Center


DataScan's Trust Center provides a centralized overview of our commitment to security, compliance, and data privacy. It is designed to offer transparency to clients and partners regarding how their sensitive information is protected. The platform outlines the various security measures, policies, and industry standards that DataScan adheres to in its operations. Through this resource, clients can learn about the company's security posture and request relevant compliance documentation.

UltraViolet Cyber
Black Duck
A-LIGN

Policies

DataScan maintains a formal, documented, and regularly reviewed set of policies, covering areas such as fraud prevention, privacy, acceptable use, remote work, and information security, designed to promote operational integrity, employee accountability, and alignment with internal governance standards.

Reports

DataScan produces detailed, audit-ready reports, including SOC 1 and SOC 2 assessments, policy compliance tracking, and security evaluations that support transparency, client assurance, and continuous improvement across its operations and governance programs.

Data Security

DataScan upholds a rigorous data security program built on layered administrative, technical, and physical safeguards to protect business-critical data assets, ensure regulatory compliance, and maintain operational resilience across its enterprise systems.

Data Privacy

DataScan maintains a robust data privacy program focused on protecting data assets and ensuring secure, compliant processing practices across its operations.

Access Control

DataScan enforces strict access control protocols, both physical and logical, to ensure that only authorized individuals can access its systems and facilities, using a deny-by-default approach, least privilege principles, and documented safeguards to protect operational assets and maintain service integrity.

Asset Management

DataScan maintains a structured asset management program that governs the lifecycle of its technology and operational assets, from acquisition to disposal, ensuring secure use, accountability, and alignment with business objectives across its enterprise systems.

Endpoint Security

DataScan enforces a layered endpoint security strategy that includes antivirus and anti-malware protection, device hardening, login attempt controls, and centralized monitoring tools to safeguard enterprise systems and ensure operational integrity across all connected devices.

Infrastructure

DataScan operates a resilient, cloud-native infrastructure hosted on Amazon Web Services (AWS), designed for high availability, secure operations, and consistent performance across environments through containerization, automated patching, and annual zone failover practices.

Network Security

DataScan maintains a layered network security architecture that includes firewall segmentation, VPN access controls, and cloud-native inspection gateways to ensure secure connectivity, minimize lateral movement, and support resilient operations across its enterprise infrastructure.

Continuous Monitoring

DataScan employs continuous monitoring across its infrastructure, applications, and security operations to ensure system integrity, detect anomalies, and proactively maintain audit readiness through automated alerts, real-time visibility, and corrective action protocols.

Incident Response

DataScan maintains a structured incident response program aligned with NIST 800-61, enabling rapid detection, containment, and resolution of cyber threats through coordinated efforts across internal teams and its managed detection and response (MDR) partner, with clear escalation paths and communication protocols to support operational continuity.

BC/DR

DataScan maintains a proactive BC/DR program that ensures operational resilience through documented recovery procedures, annual failover testing across cloud availability zones, and coordinated response strategies to minimize disruption and restore services swiftly in the event of a crisis.

Risk Profile

We have secure, reliable hosting that customers can depend on. We are happy to provide details about our risk mitigation practices and recovery objectives upon request.

Change Management

DataScan follows a structured change management program that ensures all system and application changes are planned, documented, approved, and communicated to minimize operational disruption and maintain service continuity across its environments.

Artificial Intelligence (AI)

DataScan promotes the responsible, secure, and ethical use of AI technologies by enforcing strict acceptable use policies, maintaining an internal AI Committee for oversight, and authorizing only vetted tools to enhance productivity while safeguarding data and preserving human judgment.

Product Security

DataScan embeds security throughout its software development lifecycle by enforcing secure coding practices, conducting static and dynamic vulnerability scans, and performing annual penetration tests to ensure its products meet high standards for integrity, resilience, and client trust.

Training

DataScan delivers structured, role-relevant training through platforms like Drata, Udemy, and ADP, combining mandatory onboarding and annual security awareness courses with department-specific learning paths to foster compliance, operational readiness, and continuous professional development.

Physical & Environment

DataScan enforces a layered physical and environmental security program that includes access controls, surveillance systems, visitor management, and fire suppression safeguards to protect its facilities, personnel, and operational assets from unauthorized access and environmental threats.

Risk Management

DataScan maintains a proactive and structured risk management program that leverages continuous monitoring, automated findings, and a centralized risk register to identify, assess, and respond to risks through mitigation, acceptance, transfer, or avoidance strategies aligned with business impact and operational priorities.

Corporate Security

DataScan enforces a multi-layered corporate security program that integrates physical access controls, surveillance systems, badge governance, and policy-driven safeguards to protect its facilities, workforce, and operational assets while maintaining compliance with internal standards and third-party audits.

ESG

DataScan supports ESG principles through ethical governance, community engagement, and operational transparency, while maintaining a privately held structure and focusing on responsible business practices.

Self-Assessments

DataScan conducts structured self-assessments leveraging platforms to automate evidence, provide continuous monitoring and alerting, and maintain transparency across its operations.

Documents

Compliance: SOC 1 Type 2