Supportable Security Exhibit

Supportable employs industry standard security protocols to safeguard data and maintain privacy. Some of the key protocols include:

• Advanced Encryption Standard (AES) – Supportable uses industry standard AES-256 to encrypt data at rest.
• Transport Layer Security (TLS) – TLS encrypts data in transit between devices and data centers. This ensures secure communication by protecting against tampering, interception or forgery.
• Web application firewalls – protects web systems against threats and vulnerabilities such as malware or impersonation.
• Secure Data Centers – the data centers that host our applications are ISO 27001, SOC 1, type II and SOC 2, type II certified.
• Redundant Data Centers – we host our applications on multiple data centers, in multiple regions of the US.
• Third party testing for vulnerabilities – helps identify and address potential security vulnerabilities and ensures that the application complies with industry and federal security standards.
• Multifactor authentication – process of confirming the identification of a user or machine that is trying to log on or access.
• Secure coding practices – Our developers follow secure coding practices to reduce the risk of bugs or vulnerabilities.
• Consistent updates and patching – ensuring the application is up to date and reduce the risk of bugs or vulnerabilities.

Supportable customers are responsible for adhering to best practices and legal requirements for the services that they provide. This includes managing employee access and level of access their staff members have based on their role.