Security

The Better way to Save & Invest

Cyber Security & Digital Resilience at CS Capital Funding

 

At CS Capital Funding, we place a paramount emphasis on cyber security and digital resilience. We understand the critical importance of safeguarding our digital infrastructure and data integrity to ensure our clients' peace of mind. Our unwavering commitment to security is reflected in our rigorous practices in the following areas:

 

  1. Secure Code Development: Our software development adheres to industry-recognized best practices, including the OWASP Top 10 security guidelines. We employ automated tools for code review to identify and mitigate vulnerabilities.

 

  1. Data Encryption: Security is at the core of our operations. We implement HTTPS by default to encrypt data in transit and uphold industry standards. Furthermore, our internal policies mandate laptop encryption to protect data in case of loss or theft.

 

  1. Availability and Digital Resilience: CS Capital Funding maintains a high-availability solution that shields our infrastructure against Distributed Denial of Service (DDoS) attacks. We employ a Web Application Firewall (WAF) to fortify our platform against malicious activities that could jeopardize data integrity.

 

  1. Two-Factor Authentication: We are committed to enhancing user security. Two-factor authentication is offered and strongly recommended for our clients. For our employees' access to critical business services, two-factor authentication is mandatory.

 

  1. Audits and Penetration Testing: Recognized, accredited third-party organizations conduct regular information security audits. Our platform and internal networks undergo routine penetration testing. Additionally, we have established an internal vulnerability management process, including automated scanning capabilities.

 

  1. Third-Party Security: CS Capital Funding collaborates with third-party service providers to enhance our offerings. We meticulously assess these third parties in alignment with our rigorous security, outsourcing, and data residency policies. Ongoing reviews ensure their commitment to security.

 

  1. Incident and Vulnerability Reporting: While we maintain stringent cyber security practices, we acknowledge that incidents or vulnerabilities may arise. We encourage our stakeholders to promptly report any issues or provide feedback to our Information Security Director at security@cscapitalfunding.com. These reports are treated as a top priority and addressed without delay.

 

  1. Payment Security: For payment processing, we partner with Stripe, a trusted third-party provider. Stripe is audited by a PCI-certified auditor and holds PCI Service Provider Level 1 certification, the highest level of certification in the payments industry. Their robust security tools and practices ensure payment security.

 

  1. Industry Collaboration: CS Capital Funding actively engages with industry peers and organizations to enhance our cyber security and digital resilience. We participate in security forums, conferences, and private discussion groups to stay ahead of evolving threats to our business.

 

  1. Human Resources Security: Our employees receive ongoing security awareness training and are held to stringent information security procedures. Non-compliance incidents are handled by our Information Security Director, who has direct access to the CS Capital Funding Board.

 

Our unwavering dedication to cyber security and digital resilience underscores our commitment to safeguarding your interests at CS Capital Funding. Your trust and security are our top priorities.