Summary
This document is a technical report detailing the security approach of Fulcrum, developed by Spatial Networks, Inc. It outlines the organizational security responsibilities, data protection measures, and secure development processes implemented to safeguard customer data. The report describes the encryption methods used for data in transit and at rest, ensuring compliance with FIPS 140-2 standards. It also covers network security strategies, including segmentation of cloud-based systems and access control measures based on the principle of least privilege. Additionally, the document discusses the monitoring and logging practices in place, as well as data retention policies and disaster recovery plans. Vendor management and annual penetration testing processes are also highlighted, emphasizing the commitment to maintaining security standards and addressing vulnerabilities. The report serves to inform stakeholders about the comprehensive security measures employed by Fulcrum to protect customer information.
