Security is a priority at Finite, and we work hard to keep our customers' and partners' data private and secure.
Risk and Compliance
Finite strives to align itself with industry security standards.
We do not handle or collect any financial information, and the extent of PII we handle is limited to the names, email addresses, and phone numbers of our customers.
We constantly review the data we have in our cloud file storage and email accounts to ensure the above statements remain true.
Should at any point the categories of data we are custodians of change, we'll ensure we comply with all applicable regulations.
Privacy
We collect only minimal information on our website (name and email), and our Privacy Policy details how we utilize that information to benefit our potential customers.
Incident Response
Finite strives to follow all of the latest best practices for our security incident response process. We're a small company, without the staff for a full security team, but we still strive to adhere NIST standards.
Awareness and Training
Privacy and Cyber Security Training is completed once a year, and during each employee’s onboarding, and agreements and acceptance of Finite’s security policies are collected at the conclusion of the annual training.
Threat Monitoring
Finite does not maintain its own servers or applications of any sort. Our only real hardware assets are the laptops that our employees use to connect to the various third-party cloud software that we configure.
That said, our reputation is paramount to us, and we want to ensure your trust is well placed.
- Antivirus/anti-malware
- Cloudflare Firewall
- Lastpass Enterprise
- Two Factor Authentication
- Principle of Least Privilege