The services provided by Celigo are designed with the assumption that you will implement certain complementary user entity controls. It is impossible for Celigo control procedures alone to achieve all of the general security and Trust Services Criteria requirements related to the services provided by Celigo; therefore, you must establish your own internal controls or procedures to complement those provided by Celigo.
Complementary user entity controls
Implement the following user entity controls to provide additional assurance that the general security and the Trust Services Criteria requirements described within this report are met. Your security auditors should review and select the appropriate complementary user entity controls according to your organization's needs.
- You are responsible for understanding and complying with your contractual obligations to Celigo.
- You should maintain formal policies that provide guidance for information security and data classification within your organization and the supporting IT environment.
- You are responsible for using secure encrypted HTTPS (TLS/SSL) connections for all interactions and connections made from one SaaS to another SaaS with Integration Apps or integrator.io.
- You are responsible for the establishment and termination of user accounts within integrator.io.
- You are responsible for keeping your user account credentials secure for integrator.io.
- You are responsible for ensuring the supervision, management, and control of the use of Celigo services by your personnel.
- You are responsible for reviewing notifications from Celigo about changes to Integration Apps or integrator.io.
- You are responsible for any resources created with integrator.io.
- You are responsible for backing up data within your SaaS endpoints, Integration Apps, or integrator.io is connecting to.
- You are responsible for developing your own disaster recovery and business continuity plans that address the inability to access or utilize Celigo services.
- You are responsible for notifying Celigo if you detect or suspect a security incident related to Integration Apps or integrator.io.
- You are responsible for using secure FTP (SFTP, FTPS) for all of your FTP transfers made from one SaaS to another SaaS with Integration Apps or integrator.io.
Comments
0 comments
Please sign in to leave a comment.